Do you know what to do when you get hacked? We do.

Asia’s first cyber incident response service tailored to small and medium sized businesses.

Request more information
I already have IR-1
Arrow Right

To prepare and defend.

When someone breaks into your shop, you call the police. When there’s a fire, you call the fire department. But who do you call when you’ve been hacked? That’s where we come in.

Blackpanda is Asia's leading local cyber incident response firm, dedicated to helping regional businesses strengthen their cyber resilience and secure their digital operations.

The leading cyber incident response solution for Asian business

IR-1 is a yearly subscription designed for small and medium sized enterprises in the Asia Pacific region, with limited IT and security resources.

As part of your 1-year subscription, your organisation receives*:

Emergency incident response

Quick and easy activation of our local support service in case of a suspected attack

Blackpanda ASM security scans

We identify vulnerabilities in your systems and alert you to critical gaps in your defence.

Incident response preparation resources

Practical guides and other actionable information for you and your team.

*Coming in 2025: Enhanced offers for IR-1 subscribers, including:

Continuous Attack Surface Scans and on-demand report generator for even better risk management.

Financial Damage reports to help you budget for IT and cyber security spendings.

Automated cyber insurance pricing to help you assess whether this next step in cyber resilience is the right one for you.

Speak to your IT service provider today about getting Blackpanda’s IR-1 solution for your business. Or simply contact us and we’ll take it from there.

I’d like to know more

Blackpanda ASM security scans

See your company like hackers see it.

Gain crucial visibility into your organisation’s attack surface and a better understanding of your vulnerabilities with Blackpanda ASM scans as part of your IR-1 subscription.

New in 2025: Continuous scans and live reporting dashboard for 24/7 visibility into your attack surface. Plus, even more comprehensive scanning capabilities for a truly extensive and in-depth assessment of your vulnerabilities.

Prevent hackers from exploiting gaps in your defences

Efficiently allocate resources to critical vulnerabilities that pose the greatest risk

Gain a better understanding of your infrastructure and address misconfigurations

Strengthen your cyber defences over time with tailored recommendations

No complicated installations or system interference with our cloud-based, external scans

How Does IR-1 Work?

Suspected Cyber Incident

Client contacts Blackpanda’s 24/7 notification centre.

Identify

Blackpanda acknowledges incident

Blackpanda specialists work with client to collect preliminary information and identify type of incident.

Analyse

Responders define scope of incident, plan course of action and begin containment.

Contain & Recommend

Blackpanda contains the incident to prevent further damage and provides assessment of data loss and root cause. If needed, Blackpanda will attempt to recover lost data.

Final Report

Report includes recommendations on actions for further remediation and long-term security improvements.

Not a subscriber yet? This is how you can buy IR-1.

We currently sell IR-1 exclusively through our channel partners across Asia. We are proud to be partnering with some of the largest and most innovative companies in the region.

Request a callback

Need more cyber incident support?

For organisations that want to improve their cyber resilience even further, cyber insurance may be a good option. Pandamatics Underwriting, one of Asia’s first home-grown cyber MGAs, provides preferential rates to Blackpanda customers who buy an insurance policy.

Much like IR-1, cyber insurance is your critical support network for when the worst happens - it is just even more comprehensive.

IR-1 Subscription

Emergency incident response

Security scans

Cybersecurity resources

Exclusive events

Cyber insurance

Everything in an IR-1 subscription

Extensive post-breach remediation and business restoration

Legal counsel to manage the regulatory and legal fallout from a breach

Public relations support to avoid reputational damage

Reproduced here with the permission of Pandamatics Underwriting. Original found at Pandamatics.

Pandamatics is committed to providing comprehensive insurance cover to businesses in the region and helps them secure their digital operations.

Find out more at Pandamatics.com

IR-1 FAQs

If you cannot find the answer to your question, contact our Sales team and they’ll be happy to talk to you.

Contact Sales
Who is IR-1 for?

IR-1 is a one-stop-shop for everything a business needs to minimize financial impact after a cyber attack. It is for any business that is seeking an affordable, integrated, and comprehensive cyber emergency response, preparation, and financial recovery IR-1 addresses the three core aspects of post-attack cybersecurity solutions—Response, Recon, and Recovery—ensuring businesses are prepared with exactly what they need during and after a cyber incident.

For those requiring more tailored incident response preparation services, our flexible IR-X offering includes all the features of IR-1 plus customizable add-ons, such as multiple response credits and hours-based consulting service packages, like table-top exercises, purple-teaming, and threat-hunting, to name a few.

What is included in IR-1?

IR-1 is an annual subscription that includes:

  • Expert Incident Response: One incident response credit can be activated in case of a suspected attack, providing comprehensive incident response services, including investigation, containment, and neutralization of the threat.
    Learn More: What is Incident Response?
  • Continuous Vulnerability Scans: Weekly Attack Surface Management (ASM) scans and Dark Web monitoring to identify and alert you and your customers to critical security gaps.
    Learn More: What is Attack Surface Management (ASM)?
  • Automated Access to Cyber Insurance: Integrated access through the Blackpanda Platform to support your financial recovery, with comprehensive coverage and instant, one-click insurance estimates. The comprehensive cyber insurance product can cover up to $5m USD in claims and is backed by Lloyd’s of London and directly underwritten by Blackpanda Underwriting with optimized pricing provided based on the ASM results and incident response preparation services.
    Learn More: What is Cyber Insurance?
What is Blackpanda ASM?

Attack Surface Management (ASM) is an advanced external-only method for scanning digital infrastructure and identifying security vulnerabilities. It is a core component of the IR-1 subscription, providing visibility into customer security vulnerabilities and actionable insights to address gaps in their defenses before hackers exploit them. The ASM also serves to enhance the efficiency of Blackpanda’s incident response team as well as provide data for optimized cyber insurance pricing from Blackpanda Underwriting.
Learn More: What is Attack Surface Management (ASM)?

Do I need to install any software for my IR-1 subscription?

Nothing needs to be installed on your systems or your customers' systems. Blackpanda ASM works in the cloud and does not require any plugins or agents. This applies to all aspects of IR-1, including Readiness, Response, and Recovery, and ensures instant post-attack coverage upon purchase.

What should I do if my customer believes they are experiencing a cyber incident?

You or your customer can log on to the Blackpanda Platform to report a cyber incident and activate the IR-1 incident response service. An incident responder will be in touch to walk through the best course of immediate action. This initial contact is guaranteed to occur within 4 hours of the incident being reported. In most cases, it will be much faster.

What is included in the IR-1 incident response credit?

The IR-1 credit entitles the holder to comprehensive Level 3 incident responders in case of a cyber emergency (applicable to qualified cyber incidents only).

This includes:

  • Investigation: Determining the extent and scope of the attack.
  • Containment: Stopping the spread of the attack.
  • Neutralisation: Eliminating the threat.* 

The credit does not include the restoration of business activities or implementation of extended remediating actions. 

* Neutralisation requires collaboration with the end-user's IT team to implement remedial actions as recommended by the Blackpanda Incident Manager.

What is considered a “qualified cyber incident”?

A qualified cyber incident includes Basic Web Application Attacks, System Intrusion, Business Email Compromise, Malware, or Ransomware. Additionally, a qualified cyber incident must satisfy the following two criteria: 

  1. The compromise date must be later than the registration/renewal of the IR-1 subscription. 
  2. The scope of the investigation, as determined by the Blackpanda Incident Manager, must not exceed the number of endpoints covered by the subscription size. If the investigation scope includes more endpoints than covered, additional charges apply at the prevailing rate.
What happens if the initial investigation reveals that the IR-1 credit was activated for an incident that is ultimately not considered qualified?

When we receive an Incident Response activation request, our multidisciplinary regional responders start investigating the suspected incident immediately. Regardless of whether the investigation reveals the incident to qualify for our services or not, the IR-1 credit will be redeemed.

Note: Any deliverables outlined in the IR-1 activation Scope of Work will not be provided unless the incident is qualified.

What if an IR-1 credit has been used and a company is hit a second time within the subscription period?

Blackpanda services are available at standard hourly consulting rates, depending on team availability.

What else can be done to strengthen cybersecurity?

At Blackpanda, we offer additional Incident Response Preparation and consulting services to help strengthen defenses and enhance response, including:

  • Incident Response Playbooks: Customized response plans tailored to specific needs, providing clear guidance for fast and effective response.
  • Tabletop Exercises (TTX): Controlled simulations to test and refine incident response playbooks, improving emergency readiness.
  • Compromise Assessments: Thorough evaluations of security postures to identify existing threats or vulnerabilities and strengthen s.
  • Purple Teaming: Realistic exercises combining offense (red team) and defense (blue team) to test and enhance overall security.

Adding bespoke Incident Response Preparations services to IR-1 is called IR-X. For more information on these and other consulting services, please contact our team. We’ll be happy to help advise on the best solutions to meet your needs.

Are these incident response consulting services customisable to suit the customer’s budget and appetite for strengthening their cyber security posture?

We offer flexible consulting packages that can be tailored to address your unique challenges and security goals. Whether you need comprehensive, in-depth cyber defense strategies or targeted support in specific areas, our team will work with you to develop a solution that not only fits your budget but also effectively enhances your organization's cyber resilience.

Blackpanda’s experts can assist with all these services. Contact our team today to find out more.

Defend your business.
Subscribe to IR-1.

They say it's not a matter of if you get attacked, but when. With IR-1 by Blackpanda you strengthen your cyber defences and build greater resilience to cyber attacks. In a crisis, we are your local partner on hand to guide and support you, so you don't have to fight alone. Speak to our team today about how IR-1 can help your organisation.

Speak to us