New release : CTI Report - Pharmaceutical and drug manufacturing 

                 Download now

Crisis Management Guide

Volume 6

By the Intrinsec CERT

Name

What you will find in this volume

  • Reconstruction process: isolated network bubble, healthy AD forest, remediation procedures, restoration from pre-intrusion backups
  • Implementation of enhanced monitoring (IOC, TTP) and gradual reopening of flows
  • Criteria and indicators for exiting the crisis; lessons learned (RETEX) with a detailed framework (duration, impacts, recommendations)
  • Common biases and pitfalls in crisis management (cognitive biases, organizational dysfunctions, fatigue) and tips for avoiding them
  • Objectives of the rescue and role of the forensic expert regarding the date of intrusion, point of entry and actions of the attacker.

View all volumes

Our expertise

CERT Subscription

  • 24/7 emergency response in case of attack
  • Direct line to CERT experts
  • Prior knowledge of your context
  • Lessons learned and improvement plan

Cyber Crisis Management

  • Cyber crisis unit that can be activated quickly
  • Support for strategic decision-making
  • Crisis communication coordination
  • Post-crisis reinforcement plan

Incident Response

  • Rapid qualification and containment of the attack
  • Forensic and technical investigations
  • Immediate corrective actions on the IS
  • Post-incident report and recommendations

Threat Hunting

  • Proactive detection of hidden threats
  • In-depth analysis of logs and telemetry
  • Regular retrohunting campaigns
  • Blind spot detection closure

Incident Response Academy

  • Training based on real crises
  • Practical exercises for operational teams
  • Sustainable strengthening of internal skills
  • Alignment with cyber standards and requirements

Trusted partner

A guarantee of excellence recognized by national authorities

The Intrinsec CERT, qualified PRIC High (incident response)  The ANSSI-run cyber incident response center is recognized for its high level of expertise and operational experience, particularly in complex and targeted attacks. It operates 24/7 to support organizations in managing major incidents, technical remediation, crisis coordination, and post-incident learning to sustainably improve the resilience of their information systems.

Design sans titre (38)
Ugap_logo
resah_logoblanc_rvb

Contact Intrinsic

Do you want to strengthen the security of your information system, ask a question or exchange information with an expert?
Intrinsec puts its expertise at the service of your cybersecurity.

Whether you are a company, a partner, or a public organization, Our team of experts is here to help you to address current cybersecurity challenges.

Send us your request using the form below.

Trusted partner:

:
:
:
Contact
Company workforce
How did you find out about Intrinsec?
Contact