Incident Response Retainers

Blackpanda Digital Forensics & Incident Responders are available on a retained-hours basis, on call to respond more quickly and with the appropriate pre-breach measures in place to efficiently manage cyber incidents.

White Gradient

$3.86M

average cost of a data breach 

US

$2M

average breach savings with an IR team and plan in place

US

Blackpanda offers a range of retained digital forensics and incident response services tailored to a variety of business needs and financial commitments—including zero cost retainers, pre-paid hours, or as the named responders on a cyber insurance policy.

All retainers include no-cost deployment of Pandarecon risk analysis and remote response technology. 

Zero-Cost Retainers

With no money down, our zero-cost retainers help save both time and money during a response.

 

  • No commitment or annual fee
     

  • Pre-establish response terms and hourly rates prior to activation
     

  • Services charged on a time and materials basis (only on activation)
     

  • All retainers include no-cost deployment of Pandarecon

Services

Pre-Paid Hours

Enjoy prioritized response and further cost-savings by purchasing pre-reserved incident response hours. 

  • Reduced hourly rates
     

  • Guaranteed response times
     

  • Pre-paid hours sold in blocks of 5, 10, 20, and 40 hours (billed annually)
     

  • Convert 100% of unused hours toward Blackpanda consulting services
     

  • All retainers include no-cost deployment of Pandarecon

Services

Insured Incident Response

For the greatest cost-efficiency in managing the impact of a cyber breach, Blackpanda Incident Response is also available via cyber insurance policies offered by a range of insurance carriers in the region.

aig-logo.png
Pandamatics-(blackonwhite) (1).png

Coverage typically includes: 

  • All Blackpanda fees

  • First and third-party losses

  • Business interruption losses

  • And more...

Services

Blackpanda Consulting Services

Retainer clients may convert unused hours toward any of the following Blackpanda digital forensics and incident response consulting services. 

All Blackpanda retainers include no-cost deployment of Pandarecon risk analysis and remote response technology.

Risk Analysis & Vulnerability Management

Pandarecon provides senior leadership with dashboard visibility over security and configuration vulnerabilities across your environment. Take advantage of real-time risk scoring both on individual endpoints and in aggregate, with recommendations for remediation to help you strategically manage and minimize risk.

Remote Response & Forensic Data Collection 

Pandarecon also serves as the first responder in the event of a breach. Blackpanda’s proprietary incident response software and endpoint agent gathers key forensic evidence and log data, allowing immediate remote response and increased responder efficiency during an investigation. 

Incident Response

Process Overview

The Blackpanda DFIR team is comprised of a skilled set of practitioners who are highly experienced and well-trained in crisis management. The team follows procedures developed by Blackpanda, based on a combination of industry best practices (SANS, NIST, ISO) and the requirements of our specific tools and capabilities.

PREPARE

Upon suspicion of incident, client shall:
 

  • Contact Blackpanda 24/7 notification center

  • Submit to Blackpanda the incident data-ingestion form

  • Continue to monitor incident for developments

IDENTIFY

Blackpanda will within 4 hours: 
 

  • Respond

within 4–24 hours: 
 

  • Deploy Pandarecon to suspected compromised endpoints

  • Begin data collection

within 48 hours:

  • Determine validity of event

  • Conduct preliminary analysis

  • Define scope and assign roles

  • Communicate plan of action

  • Begin containment & remediation

CONTAIN, ERADICATE & RECOVER

Beyond 48 Hours: 
 

  • Contain/Quarantine the incident

  • Conduct root cause analysis

  • Confirm/Deny data exfiltration

  • Extended remediation

  • Recover lost data (if possible)

  • Assist in restoring business operations to normal

  • Submit initial assessment report

LESSONS LEARNED

Final Report Covering:
 

  • Cause of breach

  • Methodology used

  • Remediating actions

  • Recommendations for further improvement of security posture

Copyright © 2020 Blackpanda.
All Rights Reserved.

HONG KONG

Room 37, Level 5, Core F

Cyberport 3

100 Cyberport Rd

Hong Kong

+852 6975 1099

SINGAPORE

6 Raffles Quay
#11-07
Singapore (048580)

+65 6692 9110

JAPAN

301, 2-7-18

Nishiazabu Minato-ku

Tokyo 106-0031

+81 80 2077 9824

MALAYSIA

D1-U3A-6 Solaris Dutamas

Jalan Dutamas 1

50480 Kuala Lumpur

+60 3 6206 2582

PHILIPPINES

Penthouse, World Plaza Bldg.

5th Ave., Bonifacio Global City

Taguig City 1634

+63 2 8250 6110

  • LinkedIn
  • Facebook
  • Twitter