Incident Response Retainer
Lock in fast and comprehensive support and access a team of experts for a timely response to attacks.
Are you a DISP member looking to uplift to E8 Maturity Level 2?
Lock in fast and comprehensive support and access a team of experts for a timely response to attacks.
How we can assist:
Local support and advice, as well as guaranteed response time in the event of an attack.
Secure access to the right experts. Complete visibility and finely tuned processes.
Advance network assessments for attack scenarios.
Supported by forensic and incident analysis technology.
Running an effective Security Operations Centre.
The complexity of running your own 24/7 SOC can be a distraction from your business’s core purpose. Avoid the hassle of coordinating IT resources, maintaining compliance and managing your security in a comprehensive, cost-effective way by partnering with us.
Managing your security program.
Being in control means having the right information at the right time. A good detection and response program will ensure you maintain the highest standards across your Governance, Risk and Compliance (GRC) activities. Our IT security experts offer decades of experience dealing with breaches of varying sizes and scales.
Detecting and responding to common threats and attacks.
The greatest challenge for businesses today is the rapid detection and response to threats. Malicious attacks, including malware, phishing, ransomware, DDoS and social engineering attacks can escalate quickly, becoming a major breach. The PR and regulatory implications can be devastating. We bring together the right people, processes and technology to protect your organisation.
An Incident Response Retainer offers a process of forensic discovery, active containment, and rapid eradication of intruders from the network. Gain access to incident response experts and secure guaranteed SLAs.
Post Activity – Tesserent will carry out any further forensic activities as requested by the Customer, including providing reporting aligned with your governing body, or federal government guidelines. Tesserent has the capacity to speak in court if your incident becomes a legal matter.
Tesserent follows the NIST 800-61 framework when dealing with major cyber security threats in our customers' environments.
The framework consists of the following steps:
Preparation – Tesserent’s proactive approach to incident response delivers your organisation an incident response plan, ensuring those responsible for participating understand their roles and responsibilities and that your organisation has a plan in place when the worst happens. Preparation is a proactive measure that has the biggest influence on reducing the impact of cyber incidents whilst assisting to prevent an incident in the first place.
Detection – Tesserent assists in ensuring that your organisation will not only have the appropriate security tools in place, such as SIEM and EDR but that the information being collected is relevant and in line with best practice, assuring protection of the data that matters to you and keeping your security solution cost-effective. In addition to providing skilled analysts and engineers, we also arm them with advanced threat detection tooling and techniques such as AI and automation.
Analysis – Tesserent analyses security alarms, events, and incidents to deliver end-to-end incident response for your organisation. Our team of specialists analyses an incident to determine the source, how best to remediate it, and to confirm remediation steps are complete using a combination of automated and manual techniques.
Containment and Eradication – Containment and Eradication without the appropriate skills can result in further organisational damage - critical data may be deleted, or assumptions made on the ‘eradication’ of a threat actor, when they may still be active elsewhere, or commonly, have placed back doors in your environment to regain access. Tesserent has the skills to contain and eradicate major cyber security incidents to their entirety. Tesserent can also conduct forensic analysis when required.
Recovery – Tesserent supports organisations in recovery through post-incident reviews, recommendations for improvement to prevent the recurrence of incidents, and supporting documentation reviews.
Post Activity – Tesserent will carry out any further forensic activities as requested by the Customer, including providing reporting aligned with your governing body or federal government guidelines. Tesserent has the capacity to speak in court if your incident becomes a legal matter.
Tesserent is a full-service cybersecurity and secure cloud services provider, partnering with clients from all industries and all levels of government. Let’s talk.