No lengthy forms.No questionnaires.Just protecting your business, today.

register your key

How does IR-1 Work?

Investigation procedures in compliance to industry best practices (SANS, NIST, ISO)

SUSPECTED CYBER INCIDENT Client Shall: • Contact Blackpanda 24/7 notification center • Submit to Blackpanda the incident data-ingestion form • Continue to monitor incident for developments Blackpanda acknowledges and responds IDENTIFY • Determine the validity and severity of the event • Deploy endpoint data collection tools • Begin data collection ANALYZE • Conduct preliminary analysis • Define scope and assign roles • Communicate plan for action • Begin containment and remediation CONTAIN,ERADICATE & RECOVER • Contain/quarantine the incident • Conduct root cause analysis • Confirm/deny data extraction • Extended remediation* • Recover lost data (if possible) • Assist in restoring business operations* • Submit initial assessment report FINAL REPORT • Cause of incident and response methodology • Remediating actions* • Recommendations for future improvement of security posture SUSPECTED CYBER INCIDENT Client Shall: • Contact Blackpanda 24/7 notification center • Submit to Blackpanda the incident data-ingestion form • Continue to monitor incident for developments Blackpanda acknowledges and responds IDENTIFY • Determine the validity and severity of the event • Deploy endpoint data collection tools • Begin data collection ANALYZE • Conduct preliminary analysis • Define scope and assign roles • Communicate plan for action • Begin containment and remediation CONTAIN, ERADICATE & RECOVER • Contain/quarantine the incident • Conduct root cause analysis • Confirm/deny data extraction • Recover lost data (if possible) • Extended remediation* • Assist in restoring business operations* • Submit initial assessment report FINAL REPORT • Cause of incident and response methodology • Remediating actions* • Recommendations for future improvement of security posture