If you are responding to a security incident, your actions are critical to reducing the (potential) impact. Frequently, organizations lack the resources and/or subject matter expertise to optimally respond to an incident. In this scenario, Pivot Point Security can function as an integral part of your Computer Security Incident response team (CSIRT). We can help you address:
- Incident Impact Assessment
- Scope and Extent Determination
- Incident Containment
- Incident Investigation
- Cause determination
- Data collection (logs, ICQ, Inventory, trusted systems, )
- Restore or Monitor
- Legal and Law Enforcement Engagement
- Recovery of Services
- Trusted Restore
- Systems/Network Surveillance
- Incident review/Continuous Improvement
If you are preparing for or learning from a security incident, it may be advantageous to engage a third party with relevant subject matter expertise. In this scenario, we can help you address:
- Incident Impact Assessment
- Security Audit Policy Review and Implementation
- Incident Response Plan Review/Development
- Incident Investigation
- Cause determination
- Data collection (logs, ICQ, Inventory, trusted systems, )
- Restore or Monitor
- Legal and Law Enforcement Engagement
- Recovery of Services
- Trusted Restore
- Systems/Network Surveillance
- Incident review/Continuous Improvement