Emergency Breach Support
Security Incident Response & Vulnerability Assessment

You have been notified by a third-party of a compromise of data or have reviewed your network information and found you have been hacked. What are you to do next?

Cybexa’s emergency breach support is a comprehensive approach that partners with our customers to ease the pain and stress involved when an organization realizes they have been breached. We do this by following our incident response process designed to detect, analyze, isolate, eradicate, restore, and report on the compromise. Our forensic experts will carefully analyze, remove, and document the incident to ensure chain of custody and integrity of the information to be admissible in court in the event an organization chooses to pursue legal action. Our team will also work alongside our internal communication specialist that will work with customer leadership to create messaging and notifications around the compromise to meet legal requirements as well as to be proactive in our response to mitigate future damages to the organization and/or their customers.

Rapid Eradication Process (REP)

1. DEPLOY

We work with you to deploy and configure our REP kit to capture information in order to rapidly collect and analyze the threat.

2. DETECT

We use standard forensic operating procedures and “court approved” forensic applications to identify the security event.

3. ANALYZE

Upon detection we will quickly analyze the magnitude of the incident and its behavior to ensure we take appropriate measures that don’t allow it to spread.

4. ISOLATE

Once we understand the incident and its behavior we will quickly contain it to eliminate its ability of causing greater damage.

5. ERADICATE

Eradication of the incident will be done by removing malicious files, accounts, and other changes performed by the attacker.

6. RESTORE

We will work with you to restore services disrupted by the attack as well as assist you in making configuration changes to protect you against a similar and/or the same attack pattern. Simultaneously, we will provide you with a tailored communications kit that will include notification requirements and messaging to comply with federal and state laws as well as to protect your reputation with your customers.

7. REPORT

At the end of each engagement we will provide a full report outlining a transactional log of activities, description of actions taken throughout the process, our findings, restoring configuration changes made, and recommendations to prevent future security incidents.