Incident Response

We employ the industry’s “top brass” to build Incident Teams made up of Incident Handlers (who determine what happened), Incident Managers (who coordinate the overall Incident Response), and Incident Leads (who act as points-of-contact and interfaces between the Handlers and Managers). 

These dynamic teams work together to determine the full breadth of what the security event entailed, guide decision-making, remove roadblocks, and employ the tools necessary to accomplish the organization’s goals.

In the event of an information security breach to your organization,  Krypton offers the following Incident Response services:

1. Forensics/Incident Response – An analysis performed during a compromise to determine what happened, gather evidence of compromise throughout the organization, and develop strategies to contain, eradicate, and remediate the incident
2. Threat Hunting – Proactive searching of an organization for evidence of compromise, which can occur outside of a compromise, or as the post-analysis after an incident has been remediated
3. Malware Analysis – An in-depth analysis of malware to determine indicators of compromise and the malware’s capabilities
4. Incident Response Program (IRP) Table Top Exercise – Performing a hands-on walk-through of an organization’s Incident Response program using mock incidents to ensure it works as expected.
5. User Education Training – Training on computer forensics, Incident Response, and malware analysis for both management and technical responders
6. Technical Surveillance Counter-Measures (TSCM) – Analysis of a physical location to find electronic surveillance devices.

With perpetrators ranging from malicious insiders to international hackers, security breaches come in many forms. Krypton’s Incident Response team assists clients in determining the WHAT, HOW, and WHEN of a breach, while developing a plan and process to contain and remediate the damage.