Incident Response

When you're under attack, Fortis specialists will fight by your side

Your organization’s ability to mount a proper response to a security incident makes all the difference in the world. If you don’t have the right strategy and resources in place to quickly stop or contain an attack, it has the potential to cause damage so extensive you may never recover. The Fortis portfolio of Incident Response solutions take full advantage of our extensive expertise with threat suppression and provide a partner you can count on to restore control and stability when facing a nightmare situation.

  • Efficient and Effective – The Fortis team has a wealth of experience responding to incidents for organizations of all types and sizes. We have developed proven methodologies that enable us to shut down attacks quickly so you can minimize impact, save money, and get back to work faster.
  • Deep Investigation – Our analysts come armed with the latest information from the Fortis Threat Exchange (FTE) along with other major security intelligence resources, and are passionate about hunting down and containing bad actors or malicious activity within your environment.
  • Custom Engagement – Fortis understands every organization is different, which is why we collaborate with you to develop an optimized IR plan that accounts for your specific needs, investments, and resources.
  • Advanced Security Tools – Once the incident has been remediated and normal operations restored, Fortis can provide your organization with many of the advanced security tools and services used as part of the IR investigation process. These have the ability to strengthen your security posture and ensure faster detection and response times in the future.

While Fortis ActiveRecovery and IR Retainer services aim to significantly reduce your time to respond to and recover from a breach or other cyber incident, we also offer a number of proactive measures designed to ensure your team and environment are properly prepared to handle an attack when one occurs.

Fortis ActiveRecovery

When an incident occurs, be it a data breach, exfiltration, email compromise, or ransomware, the Fortis team of elite ActiveRecovery specialists can respond remotely or at your site to counteract the attack. Utilizing best of breed security products, our experts contain the threat, work to restore operations, reduce the attack vector, and perform forensics analysis to help your organization recover quickly.

Proactive Retainer

A Fortis Incident Response Retainer (IRR) is designed to be an adjustable agreement enabling your organization to set preferred rates, create a two-hour response SLA (service level agreement), and take advantage of our specialists’ experience via proactive services. Our consulting services and flexible use provisions ensure your invested hours can be applied in different ways to help maintain organizational readiness.

Compromise Assessment

This high level forensics evaluation of your organization’s environment is designed to detect past and present attacker activity. A Fortis compromise assessment can also identify security configuration issues, policy violations, and unknown vulnerabilities. It can be targeted to endpoints, email services, or customized to fit your specific needs.

Tabletop Exercise

Fortis tabletop exercises are designed to stress your organization’s processes, policies, tools, and proficiencies when it comes to responding to an incident. They have been developed with real-world scenarios based on NIST, SANS, and CIS standards. Tabletop exercises are built to be engaging and executed in a no-fault environment.

Readiness Assessment

Fortis proactive services develop, practice, and validate your organization’s capabilities, along with its readiness to successfully respond to an incident. You can take advantage of a wide range of readiness assessments and incident response plan development services, either as part of a retainer or ad hoc as needed. All services are fully customized to meet your unique needs.