Do you know what to do when you get hacked? We do.

Asia’s first cyber incident response service tailored to small and medium sized businesses.

To prepare and defend.

When someone breaks into your shop, you call the police. When there’s a fire, you call the fire department. But who do you call when you’ve been hacked? That’s where we come in.

Blackpanda is Asia's leading local cyber incident response firm, dedicated to helping regional businesses strengthen their cyber resilience and secure their digital operations.

The leading cyber incident response solution for Asian business

IR-1 is a yearly subscription designed for small and medium sized enterprises in the Asia Pacific region, with limited IT and security resources.

As part of your 1-year subscription, your organisation receives*:

Emergency incident response

Quick and easy activation of our local support service in case of a suspected attack

Blackpanda ASM security scans

We identify vulnerabilities in your systems and alert you to critical gaps in your defence.

Incident response preparation resources

Practical guides and other actionable information for you and your team.

*Coming in 2024: Enhanced offers for IR-1 subscribers, including:

Continuous Attack Surface Scans and on-demand report generator for even better risk management.

Financial Damage reports to help you budget for IT and cyber security spendings.

Automated cyber insurance pricing to help you assess whether this next step in cyber resilience is the right one for you.

Speak to your IT service provider today about getting Blackpanda’s IR-1 solution for your business. Or simply contact us and we’ll take it from there.

Blackpanda ASM security scans

See your company like hackers see it.

Gain crucial visibility into your organisation’s attack surface and a better understanding of your vulnerabilities with Blackpanda ASM scans as part of your IR-1 subscription.

New in 2024: Continuous scans and live reporting dashboard for 24/7 visibility into your attack surface. Plus, even more comprehensive scanning capabilities for a truly extensive and in-depth assessment of your vulnerabilities.

Prevent hackers from exploiting gaps in your defences

Efficiently allocate resources to critical vulnerabilities that pose the greatest risk

Gain a better understanding of your infrastructure and address misconfigurations

Strengthen your cyber defences over time with tailored recommendations

No complicated installations or system interference with our cloud-based, external scans

How Does IR-1 Work?

Suspected Cyber Incident

Client contacts Blackpanda’s 24/7 notification centre.


Blackpanda acknowledges incident

Blackpanda specialists work with client to collect preliminary information and identify type of incident.


Responders define scope of incident, plan course of action and begin containment.

Contain & Recommend

Blackpanda contains the incident to prevent further damage and provides assessment of data loss and root cause. If needed, Blackpanda will attempt to recover lost data.

Final Report

Report includes recommendations on actions for further remediation and long-term security improvements.

Not a subscriber yet? This is how you can buy IR-1.

We currently sell IR-1 exclusively through our channel partners across Asia. We are proud to be partnering with some of the largest and most innovative companies in the region.

Need more cyber incident support?

For organisations that want to improve their cyber resilience even further, cyber insurance may be a good option. Pandamatics Underwriting, one of Asia’s first home-grown cyber MGAs, provides preferential rates to Blackpanda customers who buy an insurance policy.

Much like IR-1, cyber insurance is your critical support network for when the worst happens - it is just even more comprehensive.

IR-1 Subscription

Emergency incident response

Security scans

Cybersecurity resources

Exclusive events

Cyber insurance

Everything in an IR-1 subscription

Extensive post-breach remediation and business restoration

Legal counsel to manage the regulatory and legal fallout from a breach

Public relations support to avoid reputational damage

Reproduced here with the permission of Pandamatics Underwriting. Original found at Pandamatics.

Pandamatics is committed to providing comprehensive insurance cover to businesses in the region and helps them secure their digital operations.


If you cannot find the answer to your question, contact our Sales team and they’ll be happy to talk to you.

Who is IR-1 for?

IR-1 is for small and medium sized enterprises in the Asia Pacific region with fewer than 500 endpoints, and with limited IT and security resources. IR-1 has been designed to help these organisations recover from a cyber attack (hacking) incident.

What is included in IR-1?

IR-1 is an annual subscription. You get: 

  • Expert incident response in case of a hack: You receive an IR-1 credit which you activate in case of a suspected attack.
  • Continuous ASM security scans: We identify vulnerabilities in your systems and alert you to critical gaps in your defence.
  • Incident response preparation resources: Practical guides on setting up cyber security tools and processes, and other actionable information for you and your team.
What is Blackpanda ASM?

Blackpanda ASM stands for “Blackpanda Attack Surface Management”, an advanced method for scanning digital infrastructure and identifying security vulnerabilities. Blackpanda ASM is a core component of your IR-1 subscription, giving you visibility into your systems and actionable insight that allows you to address gaps in your defences before hackers exploit these. You can find out more about this technology here.

What’s new in 2024?

Our tech team has been busy working on improvements and new features to make IR-1 even more powerful.


  • Weekly attack surface scans (ASM scans) with our Blackpanda ASM scanning tool
  • Quarterly security reports
  • Post-incident reports

Coming in January 2024:

  • Continuous ASM scans, for constant vigilance and greater security
  • On-demand reports via a new live dashboard, for even better monitoring and faster response
  • Financial damage estimates included in post-incident reporting, to help you better budget for future IT and cyber security spending
Do I need to install any software for my IR-1 subscription?

Nothing is installed on your systems. Our attack surface management tool, Blackpanda ASM, works in the cloud and does not require any plugins or agents.

What do I do if I lose my access key to the IR-1 Portal?

Contact us at and we’ll help you retrieve it. Be sure to include the following information: 

  • Your full name
  • Your organisation’s name
  • [If applicable] The name of the company that sold you our product, i.e. your telco provider, system integrator, or security hardware/software provider
What should I do if I believe my organisation is experiencing a cyber incident?

Log on to to report a cyber incident and activate the IR-1 incident response service. An incident responder will be in touch to walk you through the best course of immediate action. In most cases, this initial contact happens within an hour of the incident being reported.

What is included in the IR-1 incident response credit?

The IR-1 credit entitles you to incident response in case of a cyber emergency. It grants you access to our incident response specialists, digital forensics and security professionals (applicable to qualified cyber incidents only). Your IR-1 credit includes root cause and scope of breach investigation, incident remediation and a final report on findings and recommendations. The credit does not include restoration of business activities and implementation of extended remediating actions.

What is a “qualified cyber incident”?

A cyber incident is defined as such if it includes Basic Web Application Attacks, System Intrusion, Business Email Compromise, Malware or Ransomware. In addition, a qualified cyber incident must satisfy the following two criteria: 

  1. The compromise date must be later than the registration/renewal of the IR-1 subscription. 
  2. The root cause/cause of the incident must be different from any previous incident for which IR-1 has been activated, unless Blackpanda-approved mitigation measures have been implemented.
What happens if the initial investigation reveals that I activated my IR-1 credit for an incident that is ultimately not considered qualified?

When we receive your Incident Response activation request, our multidisciplinary regional responders are activated and will start to investigate the suspected incident immediately. As such, regardless of whether the investigation reveals the incident to qualify for our services or not, your IR-1 credit will be redeemed. You may, however, wish to continue with our digital forensics and incident response services at a preferred rate (up to 20% in savings), and continue to use our cyber security e-resources.

What if my IR-1 credit has been used and my company is hit for the second time within the subscription period?

In addition to unlimited access to cyber risk e-resources, you can still access all Blackpanda services at a preferred rate (up to 20% in savings), including incident response and digital forensic services.

What else can I do to increase cybersecurity at my organisation?

At Blackpanda, we offer additional services to help you strengthen your defences and preparedness (this is also often referred to as “strengthening your security posture”). For instance, you may wish to consider incorporating regular in-depth compromise assessments to eradicate vulnerabilities in your systems and conducting tabletop exercises to review the readiness of your team. Blackpanda’s experts can help with all of these, so contact our team today to find out more.

Defend your business.
Subscribe to IR-1.

They say it's not a matter of if you get attacked, but when. With IR-1 by Blackpanda you strengthen your cyber defences and build greater resilience to cyber attacks. In a crisis, we are your local partner on hand to guide and support you, so you don't have to fight alone. Speak to our team today about how IR-1 can help your organisation.