Cyber attacks can have a catastrophic impact on SMBs
60%
of SMBs go out of business within six months of a data breach or a cyber attack
87%
of cyber attacks are aimed at SMBs
86%
of SMBs are unable to defend themselves against a cyber attack
How does IR-1 work?
Investigation procedures in compliance to industry best practices (SANS, NIST, ISO).
Suspected Cyber Incident
Contact Blackpanda 24/7 notification center
Submit to Blackpanda the incident data-ingestion form
Continue to monitor incident for developments
Identify
Determine the validity and severity of the event
Deploy endpoint data collection tools
Begin data collection
Analyze
Conduct Preliminary Analysis
Define scope and assign roles
Communicate plan of action
Begin containment and remediation
Contain, Eradicate and Recover
Contain/Quarantine the incident
Conduct root cause analysis
Confirm/Deny data exfiltration
Recover lost data (if possible)
Assist in restoring business operations to normal
Final Report
Cause of incident and response methodology
Recommendations for remediating actions
Recommendations for further improvement of security posture


Discounted Services
Gain access to discounted rates on Blackpanda services through your purchase of an IR-1 subscription.

Cyber Incident Response

Compromise Assessments

Digital
Forensics
.png)
Incident Response Preparation

Loss Adjusting & Investigations
IR-1 FAQs
IR-1 is for small and medium sized enterprises in the Asia Pacific region with less than USD 50 million in annual revenue, and with limited IT and security resources. IR-1 has been designed to help these organisations recover from a cyber attack (hacking) incident.
IR-1 is an annual subscription. You get:
- One incident response in case of a hack: You receive an IR-1 credit which you activate in case of a suspected attack.
- Weekly recurring security scans: We identify vulnerabilities in your systems and alert you to critical gaps in your defence.
- Cyber security resources: Practical guides on setting up cyber security tools and processes, in-depth reports on malware trends, and other actionable information for you and your team.
- Invites to exclusive online events to learn and connect with peers.
Nothing is installed on your systems. Blacklight, our attack surface management tool works in the cloud and does not require any plugins or agents either.
Contact us at ir1-support@blackpanda.com and we’ll help you retrieve it. Be sure to include the following information:
- Your full name
- Your organisation’s name
- [If applicable] The name of the company that sold you our product, i.e. your telco provider, system integrator, or security hardware/software provider
Log on to ir1.blackpanda.com to report a cyber incident and activate the IR-1 incident response service. An incident responder will be in touch to walk you through the best course of immediate action. In most cases, this initial contact happens within an hour of the incident being reported.
The IR-1 credit entitles you to incident response in case of a cyber emergency. It grants you access to our incident response specialists, digital forensics and security professionals (applicable to qualified cyber incidents only). Your IR-1 credit includes root cause and scope of breach investigation, incident remediation and a final report on findings and recommendations. The credit does not include restoration of business activities and implementation of extended remediating actions.
A cyber incident is defined as such if it includes Basic Web Application Attacks, System Intrusion, Business Email Compromise, Malware or Ransomware. In addition, a qualified cyber incident must satisfy the following two criteria:
- The compromise date must be later than the registration/renewal of the IR-1 subscription.
- The root cause/cause of the incident must be different from any previous incident for which IR-1 has been activated, unless Blackpanda-approved mitigation measures have been implemented.
When we receive your Incident Response activation request, our multidisciplinary regional responders are activated and will start to investigate the suspected incident immediately. As such, regardless of whether the investigation reveals the incident to qualify for our services or not, your IR-1 credit will be redeemed.You may, however, wish to continue with our digital forensics and incident response services at a preferred rate (up to 20% in savings), and continue to use our cyber security e-resources.
Still have questions? Let's chat.
Local Responders
Blackpanda deploys highly trained teams of cyber security incident response specialists throughout APAC, with the local linguistic and cultural understanding necessary to manage a crisis. We are able to activate both remote and on-site responders for fast and efficient boots on the ground.
Hyper-Specialization
Our focus is an inch wide and ten miles deep, exclusively in the niche of cyber security digital forensics and incident response. Our responders bring specialized experience and regularly train on a range of incidents including ransomware and negotiation, maritime response, and operational technology.
Military Precision
Our team consists of an elite cadre of cyber risk and security experts from military special forces, intelligence, forensics, and law enforcement backgrounds. Our military origins drive our culture of efficient operational processes, precise delivery of high-quality service, and consistent responsiveness — we bring our lessons from the battlefield directly to the board room.