Group-IB Digital Forensics and Incident Response Services

Group-IB's team of Incident Response specialists provides rapid and thorough analysis to support containment, remediation and recovery from the most destructive cyber attacks, including ransomware, unauthorized access, theft of data and money, malware, phishing and scam, and suspected breaches.

Post-incident deliverables:

• Stopping the attacker: Removes the threat actor from the IT environment and restores critical functions in time, to avoid major consequences
• Remediation plan: Data collection, to create a list of indicators of compromise & write detection rules
  
• Incident report for legal proceedings: Specific reports can be prepared for regulators, insurance needs, law enforcement and legal counsel
  
• Recommendations on the next steps: After analysis, Group-IB will prepare a detailed report on how to adjust the security architecture and processes to strengthen the organization's security posture
  
• Investigative report with attacker profile: Incident response and investigation experts explore the DNA of the attack — how attackers gained a foothold and moved laterally inside the organization
  
• 24/7 Network monitoring: For two weeks after responding to the incident, the CERT-GIB team will monitor the infrastructure so the client's IT team has time to implement any recommendations.
  

Group-IB Incident Response combines human expertise, data sources and technologies to get a first-hand understanding of intrusion tactics and malware samples used in most sophisticated cyber attacks.