Incident Response & Forensics Services |
|
 | | | |
|
| The
Purpose | Conduct
a thorough investigation. Help stop the attack. Contain the damage.
Improve your systems and practices. Gather evidence. We
develop policies and procedures for the people on the front line of
incident
detection and response. |
| Value
to You |
Minimize
loss of revenue. Benefit from an investigative approach that's legally
approved and forensically sound. Safeguard the trust you've built with
customers and partners. Safeguard your compliance with Visa,
MasterCard PCI Program - and adhere to reporting requirements. |
| How
We Work | Help
prepare you to respond to breaches. Provide rapid response when
incidents occur. Provide computer forensic and expert witness services.
Minimize the damage. Help you recover. |
| The
Results |
Recommended
countermeasures to contain the attack. Support of Alawy's Incident
Response Team. Forensic evidence of the
cause. Expert reports and testimony if needed. Recommendations to leave
you stronger. |
| Why
Alawy | Alawy
has worked to secure the networks of Fortune 500 companies in the
financial, energy, insurance, media and consumer goods sector in the
United States. Read about Our
Approach - the foundation for all our work. |
| Next Steps | To
talk with us about security and your business, call (860) 859-3564
(U.S.) or visit the Middle
East. You can also submit
your inquiry online.
Or, see the Security
Consulting Services Overview. |
Alawy helps Fortune 500 companies respond to denial of service
attacks and other network security breaches. We develop policies and
procedures for the people on the front line of incident detection and
response.
The
Purpose You need to have an incident response plan in
place—even if expert support is immediately available. We develop
policies and procedures—and most importantly train the people on the
front line of incident detection and response. We help you—once we’ve
prepared you to handle a security breach—to:
Stop
the Attack
The first objective of incident
response is to stop the attack. Whether it’s internal or external, the
attack can shut down your business, compromise confidential
information, and erode the trust of your customers.
Contain the Damage
Once the
attack has been stopped, we focus on minimizing damage and improving
the system to prevent future incidents. Speed and quality are
essential. They often determine the ability of a business to recover
and contain damage.
Gather Evidence
We also investigate to determine the extent of the damage and gather
evidence. Evidence is essential when credit card data or other
confidential information has been compromised. It may also be part of
legal or contractual requirements.
Back
to top
Value to You Minimize
Business Interruptions
Your business can halt
or be severely stalled if your e-commerce or Web-based applications go
down. We protect your revenue-generating activities by helping you to
minimize attacks—and to stop them quickly.
Safeguard
the Trust You’ve Built
The trust of your
customers, employees, and business partners is as valuable as your
revenue. They trust you with the security of their confidential
information. We help you to minimize the theft or misuse of
confidential data—and to respond quickly if a breach occurs.
Safeguard Your Compliance
If
you’re a merchant or a service provider, your participation in the Payment
Card Industry (PCI) Security Standard, Visa Cardholder Information
Security Program (CISP) and the MasterCard Site Data Protection (SDP)
Program may be essential. If you’re attacked, we can launch
an immediate investigation to find out who’s responsible—and to
safeguard your compliance.
Intrusion
Detection Engineering and Support
We help you
design, deploy, and tune Intrusion Detection Services (IDS)
implementations. We train your staff on the proper review process for
alerts. We assist with IDS training and response planning. We review
reports with you as needed and supply organizations with a list of
high, medium, and low threats as they arise. We can also simulate
attacks to test and validate your IDS technology and response
capability.
Back to top
How We Work
- We prepare you.
Experts say that 98 per cent of businesses will suffer a security
breach this year no matter what they do to prevent it. We help you to
prepare for the breaches that you can’t prevent.
Through our Security Architecture and Design Solutions, we:
•
Help you architect your network to detect security breaches better
• Help you structure your network to be able to resist a breach—and
allow the network to recover more quickly.
Through our Security Policy and Program Services, we:
• Help
you develop policies and practices to deal with a breach quickly and
effectively—to evaluate and contain it.
• Train your
employees to prepare them for what they need to do when a breach occurs.
- We respond quickly.
A quick response requires an immediate impact assessment. We assess the
scope of the breach, where its coming from, its impact, and its
severity. We then rank the results to determine the quickest and most
effective way to stop or at least mitigate the attack. We can often
give your network and system administrators the details that they need
over the phone. If not, we come to your site.
- We
investigate. An attack may require a
forensic analysis:
• We gather evidence that points to the
cause of the incident. We examine logs. We make forensic copies of
infected systems. We review the copies with forensic tools. We
interview your staff.
• We preserve the evidence in case you
take legal action.
• We analyze the evidence to determine how
to contain and recover from the incident.
• We obtain image
copies of affected systems following industry-recognized forensic
procedures. - We contain
the damage. We examine the evidence to make
sure that the action we take to neutralize the breach gets to it’s root
cause. We then recommend counter-measures to:
• Stop the
spread of the incident
• Minimize its damage
•
Limit its effect on the systems critical to your business. -
We help you recover. Finally,
we help to restore your network and data. We can also provide disaster
recovery and business continuity solutions—which encompass redundant
data storage, diverse network connectivity, fault-tolerant facilities,
and monitoring services—to help you prepare for future incidents. Find
out more about these in our “Disaster
Recovery and Business Continuity Solutions” section.
- We report our findings.
We assemble our findings in a report that—if you need to—you can use
for legal proceedings.
Back
to top
The
ResultsEmergency Response.
We provide rapid response to the incidents you face. Our security and
network experts are always available—and they have extensive experience
and awareness of the most current threats to systems worldwide.
Countermeasures to Contain the Attack.
We provide you with specific technical instructions about what to do to
stop the attack and minimize damage.
Support
from Our Incident Response Team.
Alawy’s
Incident Response Team helps your staff to respond to security
incidents when they happen.
Forensic Evidence.
We provide you with a
report that summarizes our findings. We provide technical details about
the investigation process. We present the evidence that we’ve uncovered
from the logs, the infected systems, and through our interviews with
the staff.
Recommendations
for Recovery and Improvement. An attack can leave you
stronger. We analyze the causes behind the breach and recommend
improvements to your network, your policies, and your staff’s ability
to prevent and respond to future incidents.
Back
to top
Why
Alawy
Alawy has worked to secure the networks of Fortune 500
companies in the financial, energy, insurance, media and consumer goods
sector in the United States. A significant amount of this experience
has been within the financial services and banking sectors—assessing
infrastructure security and architecting and deploying secure
solutions. We participate in the FBI's InfraGard as advisers in threat
and security matters.
Our Security Consultants are Software Engineers trained in
Information Security. They understand systems architecture. They see
the whole picture. We’re not a software company limited to our own line
of products. We provide our clients with the solution that best fits
their business and budget needs. We do not cater to a "one size fits
all" approach. Our focus is on protecting the sensitive information you
are trusted to safeguard -- information belonging to your business and
your clients -- from malicious theft or careless mishandling.
Security isn't just about
security; it's about your business. We focus on providing solutions
tailored to your corporate goals and the real threats you face. Read
about Our Approach
- the foundation for all our work.
Focus on your business:
- We help you stay competitive. We use
our knowledge and experience to benchmark your risk against your
industry.
- We value actions by their
consequences. Our focus is consequences, not just risk.
-
We focus on our relationship with our customers. Our goal is to be your
trusted security advisor.
- We provide
recommendations that are vendor independent to give you the freedom to
implement the solution that suits you best.
- We
help you stay competitive. Our business is security, not just
consulting.
Focus on our experience:
- We have a wide variety of clients
in a broad range of industries.
That exposes us to the need for many different architectures, designs,
and solutions.
- Our consultants
ar/clients/index.jspsionals who’ve worked with Fortune 500 companies or
in the financial, energy, insurance, media and consumer goods
industries.
- Our team of consultants is made up
of Certified Information System Security Professionals (CISSPs).
Back to top
|  |
