Security incident response & crisis management
Rely on Intrinsec for your crisis situations
Security incident response, crisis management and threat hunting: discover our services.
CERT-Intrinsec is PRIS-qualified by ANSSI and has assisted hundreds of organizations in the face of cyber crises and incidents linked to ransomware, data leaks, fraud, espionage.
Need help responding to security incidents?
Direct Line: +33 1 47 28 38 39 cert@intrinsec.com – USER ID: cert-intrinsec – Key ID: 0x67823b64e8afd0d5 PGP key fingerprint: 15F329628D03DBF6DC4D409067823B64E8AFD0D5
Our CERT is available Monday to Friday – 8:30 am to 6:30 pm.
If you wish to benefit from our 24/7 services, we also offer a subscription service. It allows you to contact us at any time, guarantees service levels and supports you in your crisis management and incident response postures, upstream. Find out more about subscription below.
Your challenges, our priority.
Will you wait for one incident too many to put you in a hurry? Unavailability of your information system, data corruption, high associated costs, internal crisis to manage…
The business impacts of a security incident are diverse and costly.
Anticipate and limit them with our CERT offer!
CERT-Intrinsec offers a range of services for :
- Help you prepare (organize your processes, raise awareness, make sure you have the technical resources to respond, help your SOC)
- To provide you with the capacity to intervene when you need it, on demand as part of a subscription.
Anticipate
Provide alerts on signals to anticipate malicious actions and increase context analysis capabilities.
React
Incident response system for rapid clarification and mobilization of CERT analysts when necessary.
Strengthen
Reduce response times, capitalize on post-incident information, improve organizational and technical defensive posture in the face of these threats, and raise targeted awareness.
Our incident response services
Incident response
Clearing up doubts, Intervention in the event of
of necessity & Crisis management.
Your incident response
in 6 essential steps :
- Preparation – Integration of CERT-Intrinsec into incident management procedures & Definition of processes.
- Identification – Detection of the incident & Assessment of the affected perimeter.
- Containment – Search/Analysis of attacker entry points & Suppression of fraudulent access.
- Restoration – Removal of remaining malicious elements & Verification of system clean-up.
- Return to normal – Return systems to normal & Inventory potentially compromised resources.
- Capitalization – Detailed incident analysis & Improvement plan
Our anticipation service
and CERT protection.
With our CERT subscription, you benefit from a comprehensive service that can be solicited on demand, enabling you to
be optimally prepared for incidents, define an effective intervention protocol and benefit from assured intervention capacity according to your needs/emergencies.
Option – Risk Anticipation: To complement your CERT subscription, our Cyber Threat Intelligence service offers you access to its Risk Anticipation service, including :
- Newsletters – Notification of major cyber events and presentation of verified information, proposal of detection, containment or remediation actions, monitoring of situation evolution and distribution of updates.
- Targeted briefings – Depending on your sector of activity, our Threat Intelligence team will produce targeted briefings tailored to your needs: Energy, Media, Transport, Agro, Healthcare, etc.
Cert subscription
Digital investigation
Go further in your incident response.
The aim of our digital investigation
is to provide you with the technical elements you need to support or refute an initial hypothesis concerning your incident response.
- A focused approach – Our digital investigation involves concentrating analysis on a reduced number of systems, and integrating your disaster recovery needs into our recommendations.
- A safe process – Our analysts are trained in-house and have market-leading certifications(SANS, DFIR). Our investigations follow best practices in digital evidence management.
- Legal framework – CERT operates within the French legal framework.
From global search to targeted intelligence.
Search for internal threats within your IT assets, according to your specific needs.
- Global threat search – retrieve information and events from multiple solutions, collection tools and manual analysis.
- Threat Hunting / Threat Intelligence – Mapping your perimeter with our Cyber Threat Intelligence, reporting indicators of compromise & specific research based on these indicators in your IS.
- Red Team – A Red Team can be created following Threat Intelligence mapping to simulate an attack based on these indicators of compromise.
- Incident response research – Indicators of compromise / Attack indicators / Tactical techniques and incident procedures (TTP) & Targeted research based on known indicators of compromise.
Threat Hunting
I choose Intrinsec to manage my security incidents
Highlights
A generic understanding of IS: 360° expertise in cybersecurity, from assessment to remediation.
A multi-skilled, multi-disciplinary CERT team drawing on a wide range of security expertise (Pentest, Red Team, SOC…).
From
GIAC certifications
: GCFA, GREM, GNFA
A strong capacity for adaptability acquired through experience.
Take advantage of our many services that complement CERT.
An offer PRIS qualified.
We can’t stress this enough: the key is preparation. From a purely organizational point of view, first of all, by asking ourselves a few questions: what are the profiles of attackers likely to harm us? What attack scenarios can we envisage for these profiles? What measures do we have in place to prevent, detect and react to these scenarios? The next step is to choose the means to be used to answer these questions. An up-to-date architecture diagram, a coherent flow matrix, a classification of critical business assets… all essential information for identifying priority points for inspection, and planning appropriate defensive actions.