Incident Response Consulting
Our Incident Response Consulting practice specializes in helping organizations from small businesses to Fortune 100 enterprises respond to incidents quickly and effectively. Backed by Red Canary‘s exceptional technology and people, Antigen Security can help you through any incident.
We can investigate and help you through:
- Business Email Compromise
- Destruction or Defacement of systems
- Insider Threat
- Intellectual Property Theft
- Personally Identifiable Information (PII) loss
- Protected Health Information (PHI) loss
- Attacker Communications & Negotiation
Your investigation will provide:
- An executive summary of findings and recommendations
- A complete analysis of all in-scope systems and log data
- A timeline of attacker activity explaining key milestones and conclusions in any discovered events
- A threat intelligence breakdown including critical Indicators of Compromise (IOCs) and attacker identification
- Identify stolen data and provide evidence for legal and insurance purposes
- Understand the initial point of compromise and gain concrete knowledge to remediate and prevent future attacks
Recovery Engineering Consulting
Our Recovery Engineering Consulting practice has one mission: enabling the restoration of your operations as quickly, securely, and responsibly as possible in the face of disaster. Whether your environment has been the victim of a Ransomware gang, or a former employee destroyed systems on their way out, we can help.
We can support you through:
- Post-Ransomware recovery and restoration/decryption of data and systems
- Post-compromise recovery of 3rd party hosted applications and data
- Disaster Recovery & Business Continuity planning, execution, and assessment
- Security Architecture and Project reviews, including both pre and post implementation support
Your engagement will provide:
- An executive summary of project outcomes and recommendations
- A timeline of project activity explaining key milestones and outcomes
- Security & Compliance review of related changes and systems
- Recover from or plan for disasters, outages, and other system impacts expediently, responsibly, and securely
- Recommendations for future improvements and risk mitigation
Managed Detection & Response
Antigen Security Titan Defense is a Managed Detection & Response solution that brings together the power of Red Canary’s superior MDR technology with the expertise and support of the Antigen team. Our goal is to be your security ally, allowing you to focus on other important tasks as we monitor, detect and respond to threats to your entire enterprise architecture in real time. Our experts partner with the incident handlers at Red Canary to remediate threats to your environment on your behalf—giving you peace of mind knowing you have a team in your corner doing the heavy lifting.
Benefits of Titan Defense:
- Expert team in your corner
- Around the clock coverage
- Award-winning Red Canary technology
- Remediation of threats on your behalf
- On-demand advisory services available when needed
Titan Defense provides:
- Code-based detections that operate with full freedom on raw telemetry
- 3,000+ behavioral-based detectors updated on an ongoing basis
- Transparency in operations so you know every step in the process
- Summary reports that measure Antigen Security and Red Canary’s performance in your environment over time including response time, threat detection effectiveness and more
Training & Education
Antigen Security seeks to instill knowledge and expertise with partners and clients alike. Whether planning your organization’s Incident Response program or teaching your engineers and technical leaders the finer points of Detection Engineering, Antigen’s Training & Education practice can help.
Training can be focused on:
- Detection Engineering – Training for Engineers and Technical Leaders on establishing their Security Operations lifecycle, and continually improving detection capabilities & threat intelligence programs by leveraging the Antigen Security Detection Lab. Content provided at different skill levels: Foundation (Beginner), Advanced (Intermediate), and Elite (Expert)
- Incident Response Planning – Training for all key leadership and staff required to identify and respond to security incidents, engaging and coordinating both the teams and communication required, as well as containment, preservation, and triage strategies for common threats. Includes an expert-lead tabletop exercise to test and review established or revised Incident Response Plan.
- Detection & Response Briefing – Training for Boards and Executive Leadership on establishing and executing multi-faceted, company-wide strategies to increase the resilience of the business to cyber threats and extinction events. This can include a cyber liability insurance review as well as cyber law readiness discussion.
Retaining Antigen Security and planning your annual security spend doesn’t simply reduce costs, it also increases the velocity of investigations, guarantees the response time your business needs, and can lower your cyber liability insurance, legal, and overall security costs.
Unused retainer can be converted into services each year, resulting in no lost value or funding.