The TrustedSec Incident Response Plan
At TrustedSec, our greatest asset is our people. We employ the industry’s “top brass” to build Incident Teams made up of Incident Handlers (who determine what happened), Incident Managers (who coordinate the overall Incident Response), and Incident Leads (who act as points-of-contact and interfaces between the Handlers and Managers). These dynamic teams work together to determine the full breadth of what the security event entailed, guide decision-making, remove roadblocks, and employ the tools necessary to accomplish the organization’s goals.
In the event of an information security breach at your organization, TrustedSec offers the following Incident Response services:
- Forensics/Incident Response – An analysis performed during a compromise to determine what happened, gather evidence of compromise throughout the organization, and develop strategies to contain, eradicate, and remediate the incident
- Threat Hunting – Proactive searching of an organization for evidence of compromise, which can be performed outside of a compromise or as the post-analysis after an incident has been remediated
- Malware Analysis – An in-depth analysis of malware to determine indicators of compromise and the malware’s capabilities
- Incident Response Program (IRP) Table Top Exercise – Performing a hands-on walk-through of an organization’s Incident Response program using mock incidents to ensure it works as expected
- User Education Training – Training on computer forensics, Incident Response, and malware analysis for both management and technical responders
- Technical Surveillance Counter-Measures (TSCM) – Analysis of a physical location to find electronic surveillance devices
An Uncompromising Approach to Incident Response
Organizations impacted by security incidents have a trusted partner in TrustedSec to determine the extent of the compromise and create actionable steps to keep damage under control.
Whether you are faced with a disgruntled employee, a malicious insider, hackers, or a large-scale breach, or you need expert-witness assistance for litigation support, TrustedSec assists victim organizations with containment and remediation, ensuring damage and impact are minimized. TrustedSec can help identify how attackers are accessing your environment, determine how to mitigate the attackers’ access, and help prevent future attacks. We utilize industry-accepted and top-of-class hardware and software for performing Incident Response to ensure quick and accurate results. The techniques used by TrustedSec are admissible in a court of law, ensure appropriate chain of custody, and maintain the highest quality standards.
Security breaches make headlines around the world on a daily basis.
With perpetrators ranging from malicious insiders to international hackers, security breaches come in many forms. TrustedSec’s Incident Response team assists clients in determining the WHAT, HOW, and WHEN of a breach, while developing a plan and process to contain and remediate the damage.
Team Lead Focus: Tyler Hudak
With over 20 years of real-world experience in incident handling, malware analysis, computer forensics, and information security for organizations including the Mayo Clinic, KoreLogic, and General Electric, Tyler Hudak’s reputation precedes him.
Tyler’s passion for incident response stems from his love of solving puzzles and was honed while he earned a Bachelor of Science in Computer Science from the University of Akron. He has investigated incidents of commodity malware, state-sponsored attackers, ransomware attacks, and more. Tyler’s first Incident Response project was the ILOVEYOU worm, sometimes referred to as the Love Bug or Love Letter, which attacked tens of millions of Windows personal computers in May 2000. His capabilities extend from Internet of Things devices to mobile, Windows, Mac, UNIX, and network compromises.
Tyler is a GIAC Certified Forensic Analyst (GCFA) and GIAC Certified Forensic Examiner (GCFE), and he created the MASTIFF Static Analysis Framework. Tyler has published documentation and taught workshops on malware analysis, and in February 2018, he took first place at the 2018 SANS CTI Summit DFIR NetWars Challenge.
Author: David Kennedy
Security expert, keynote speaker, avid gamer and the go-to for protecting companies from threats.