Incident Response

Once an organization has been attacked, our always-ready IR team jumps into action. The team arrives at the customer’s premises anywhere in the world within a short time, holds a brief review with the local security team, studies the different attack vectors and builds a quick setup for action. The team provides an effective response to the attack, with the objective of restoring the organization from shutdown or freeze back to business as usual.

​

​

White-Hat’s IR team is backed by a remote team of analysts providing 24/7 back office support. The teams have decades of experience in incident response, malware analysis, social engineering, SIEM management and more. We combine offensive abilities with vast knowledge of the cyber defense world, and experience in handling cyber events in major enterprises, as well as national attacks such as Iranian cyber-attacks on Israeli organizations.

​

​

Our IR team works around the clock, side by side with the customer’s team to investigate and block the attack, mitigate the consequences, simulate and execute various attack strategies to repair the gaps and discover new vulnerabilities, accompany the recovery process and analyze the business impact. The team uses various methodologies, including proprietary monitoring and analyzing tools, custom rules for the organization’s systems, and a network behavior analysis system performing a quick yet thorough analysis of all the outbound traffic.

​

​

As with our other services, this is performed using the organization’s existing resources, so the client is not obligated to buy any designated software or systems.