92a629_1d49142dda854716b7a10ec6461d1101_

Cyber
Incident 
Response

Cyber breaches happen quickly and can ruin a business. 

With a team of professional incident response (IR) specialists on deck, you can rest assured your business is backed with the expertise you need to bounce back from a breach.

White Gradient

   $3.86M

average total cost of a data breach

US

   $1.3M

average breach savings with an incident response team and plan in place

US

Blackpanda uniquely manages post-breach losses by offering retained and on-demand incident response services from multidisciplinary regional responders, addressing the greatest pain points of a cyber security breach.

Our proprietary risk analysis and cyber security incident response software allows our specialists to respond quicker and more efficiently, with support from our next generation voice stress analysis technology, to both eradicate malware and root out internal human threats.

LOCAL RESPONDERS

Blackpanda deploys highly trained teams of cyber security incident response specialists throughout APAC, with the local linguistic and cultural understanding necessary to manage a crisis. We are able to activate both remote and on-site responders for fast and efficient boots on the ground. 

HYPER-SPECIALIZATION

Our focus is an inch wide and ten miles deep, exclusively in the niche of cyber security digital forensics and incident response. Our responders bring specialized experience and regularly train on a range of incidents including ransomware and negotiation, maritime response, and operational technology.

MILITARY PRECISION

Our team consists of an elite cadre of cyber risk and security experts from military special forces, intelligence, forensics, and law enforcement backgrounds. Our military origins drive our culture of efficient operational processes, precise delivery of high-quality service, and consistent responsiveness — we bring our lessons from the battlefield directly to the board room.

Incident Response

Process Overview

The Blackpanda DFIR team is comprised of a skilled set of practitioners who are highly experienced and well-trained in crisis management. The team follows procedures developed by Blackpanda, based on a combination of industry best practices (SANS, NIST, ISO) and the requirements of our specific tools and capabilities.

Identify.png

PREPARE

Upon Suspecting an Incident, Client Shall:

  • Contact Blackpanda 24/7
    notification center

  • Submit to Blackpanda the incident data-ingestion form

  • Continue to monitor incident for developments

IDENTIFY

Blackpanda Will, Within 4 Hours: 

  • Acknowledge notification and respond

Within 4–24 Hours: 

  • Determine validity and severity of event

  • Deploy Pandarecon to suspected compromised endpoints

  • Begin data collection

Within 48 Hours:

  • Conduct preliminary analysis

  • Define scope and assign roles

  • Communicate plan of action

  • Begin containment & remediation

Lessons Learned.png
Contain Eradicate.png

CONTAIN, ERADICATE & RECOVER

Beyond 48 Hours: 

  • Contain/Quarantine the incident

  • Conduct root cause analysis

  • Confirm/Deny data exfiltration

  • Extended remediation

  • Recover lost data (if possible)

  • Assist in restoring business operations to normal

  • Submit initial assessment report

LESSONS LEARNED

Final Report Covering:

  • Cause of breach

  • Methodology used

  • Remediating actions

  • Recommendations for further improvement of security posture

Cyber Insurance & IR Services Coverage

Blackpanda Incident Response services may also be included as part of a comprehensive cyber security insurance policy.

As named responders on a policy, all Blackpanda response fees may be covered, in addition to first- and third-party losses such as business interruption as well as regulatory fines and fees.

 

Interested in finding incident response services that drive both your business and cyber security goals? We can help.