Our Incident Response team will investigate any abnormal activity to understand what, when and how the incident occurred and, of course, how to stop it from happening again.
We begin by identifying where malicious activity has taken place, collecting associated evidence, establishing the Tools, Techniques and Procedures (TTPs) used and determining the severity, ultimately aiming to halt further activity.
Crucially, we create comprehensive documentation for future analysis.
Once the security incident has been established, we will perform immediate containment. This could be anything from isolating sections of your network to redirecting the attacker into a sandbox environment.
Once the incident is contained, the team can begin to investigate the root cause of the issue, identifying the source, so we can focus on long-term containment. This happens while we regain or rebuild any lost systems.
Stripe OLT will identify the origins of the attack, remove any malicious files from infected systems, and take action to prevent similar attacks in the future.
Our team will regain control of your network and carefully bring production systems back online, in order to prevent further attacks. We then test, verify and monitor systems to ensure they are back up and running securely.
Following recovery, we will undertake a comprehensive overview of the incident. During this time, we will build a full report, in a language you can understand, and advise on further remediation works (if required). Crucially, we provide you with all the information you need to prevent a breach from happening again.