Sold by: WithSecure Corp.
WithSecure Incident Response Retainer service is an insurance-like service, which provides SLA-backed, 24/7/365 on-demand access to skilled Incident Response (IR) resources during a cybersecurity incident, whose primary objective is to ensure the business continuity of the client.
Acquiring and maintaining an in-house Incident Response capability is expensive. Organizations may have their own IR teams, but they simply don’t encounter the volume and variety of incidents necessary to maintain battle fitness. WithSecure provides IR services to businesses and enterprises across the globe that want to be resilient to cyber-attacks, minimize losses, comply with regulations, and earn the trust of their customers.
At WithSecure we have over 20 years of incident response experience.
Sold by: WithSecure Corp.
Overview
A well-handled security incident can be resolved in hours, rather than days or months, and at a fraction of the cost of a poorly handled incident. It takes a lot of experience, resources, and personnel to respond to an incident quickly and effectively while maintaining business continuity and minimizing the overall costs of the incident.
Acquiring and maintaining specialist in-house capability to respond to a security incident is often prohibitively expensive. Similarly, during an unforeseen cyber security incident, reactive incident response measures from non-specialists are often slow and ineffective - and still expensive.
During a cyber security incident, the WithSecure Incident Response (IR) Retainer service solves these issues by providing on-demand, SLA-backed access to skilled Incident Responders, whose primary objective is to ensure the uninterrupted operation of the client’s business.
The service is delivered by WithSecure’s seasoned Incident Responders, who employ industry best practices and draw on decades of experience, which includes regularly defending WithSecure clients against highly skilled criminal and state-sponsored groups. WithSecure’s IR capabilities are accredited by government agencies: by the NCSC-UK (CIR L1 & L2) and by the NCSC-DE (APT- Responder Provider).
WithSecure’s IR team specializes in responding to cyber security incidents in complex on-premises and cloud environments. Additionally, the IR team can engage a wider team of WithSecure security specialists that covers all aspects of computer technology, such as Operational Technologies (OT) and Mainframe Systems to support complex engagements.
Scenarios where the client may need to invoke the service include: suspected intellectual property theft or data breach, ransomware attack or unexplained malware detections on key systems, root cause analysis requirement following a fraud or other operational incident, and-or local authority notifications of suspicious network traffic.
Incident Response Retainer provides priority access to the Incident Response experts - with special focus on the first critical hours of an incident, even during industry-wide events and other periods of high demand. The first hours of an attack are vital for limiting the damage. Not just to mitigate direct damages, but it’s also important for GDPR compliance, as organizations are required to report certain incidents within that time frame.
Our methodology is based on NIST’s industry-standard incident response lifecycle and has been honed over a decade of dealing with cyber-attacks. Our co-security approach goes beyond just helping you respond when the worst happens - we focus just as much on readiness, enabling you to build confident teams that are trained to respond under pressure.
Customers use a range of tools. We are technology agnostic. We use available resources to deliver value as efficiently as possible. For customers that lack sufficient tooling, we use on our endpoint detection and response sensors, which are the foundation for our products and MDR services.
Benefits of the WithSecure IR retainer include: • Availability - On-call global support 24/7/365 • Speed - Guaranteed quick assistance • Expertise - Guaranteed assistance from certified IR experts with daily experience • Flexibility - We adapt to your tools and capabilities • Regulatory satisfaction - We enable you to comply with industry regulation and standards
For private offers, please reach out to us at: withsecure.AWS.marketplace.activities@withsecure.com
Highlights
- First Response: • Immediate support provided by IR specialists during the critical first hours. We contain the attack and seek to understand as much as we can without alerting the attacker. • We provide you with an initial scope of the incident, guidance on preserving evidence and an estimated effort required to resolve the incident.
- Incident Resolution: • Once the attacker is contained after an incident and we understand sufficiently the attacker’s behavior, we coordinate with your IT team to expel the attacker, recover your business to your desired target state, and apply the lessons learned to protecting your business from future incidents. • Post incident review.
- Comply with regulations in on-premises and cloud environments: • WithSecure’s IR team specializes in responding to cyber security incidents in complex on-premises and cloud environments. • Our IR capabilities are accredited by government agencies. In the UK we're accredited by the National Cyber Security Centre's Certified IR scheme (CIR L1 & L2), and in Germany by the German Federal Office for Information Security (BSI) (APT-Responder Provider).
Details
Pricing
Custom pricing options
Pricing is based on your specific requirements and eligibility. To get a custom quote for your needs, request a private offer.
Legal
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Resources
Vendor resources
Support
Vendor support
When you purchase our solution through the AWS Marketplace, it automatically includes our Advanced Technical Support service for the solution. This service provides priority access to our experienced technical support engineers, response time targets starting at 1h for critical incidents, an online tool for managing support case tickets, as well as call-back service and remote troubleshooting support. http://www.withsecure.com/en/support/contact-support/email-support
Software associated with this service
WithSecure Elements Exposure Management (XM)
By WithSecure Corp.
WithSecure Elements Exposure Management (XM) is a continuous and proactive solution that predicts and prevents breaches of your organization's assets and business operations. Elements XM provides visibility into your attack surface and enables the efficient remediation of its highest-impact exposures, thanks to our exposure scoring and AI-enabled recommendations. Get one solution for comprehensive digital exposure management and visibility across your external attack surface and internal security posture, to proactively prevent cyber-attacks. Elements XM offers continuous recommendations on how to improve your security posture, reduce business risks, and minimize your attack surface.
WithSecure Elements Extended Detection and Response (XDR)
By WithSecure Corp.
WithSecure Elements XDR is a unified solution to protect today's hybrid IT estates. It minimizes the impact of attacks through automated advanced preventative controls that reduce incident volumes and mitigate lower-level attacks. Its AI-powered tooling enables fast detection, investigation and response to threats across endpoints and identities. Elements XDR addresses advanced cyber threats such as malware, ransomware, stolen user credentials, and targeted attacks simply with a single solution. Organizations can also complement their Elements XDR with our flexible Co-Security Services, like WithSecure Managed Detection and Response (MDR) service, where our experts take care of Detection and Response (D&R) on your behalf.