Incident/Breach Response & Forensics: 1 Day Implementation

Bridewell Consulting Limited

In the event that your organisation experiences a cyber security breach or incident, Bridewell can work to lead the containment and remediation strategy to eliminate attacker access and remediate.

Bridewell’s Incident/ Breach Response and Forensics offering provides organisations with a comprehensive rapid incident response service supported with comprehensive guidance and expertise from leading security experts. The service helps organisations prepare for, respond to, and resolve security incidents more rapidly and effectively by giving them access to a wide range of cyber security, forensics, incident response and business advisory experts. In the event of a breach or incident within your Microsoft Azure environment or workloads, Bridewell can leverage their extensive experience and expertise within Microsoft technologies to lead the response.

Leveraging Microsoft’s Defender for Endpoint solution, Bridewell will work with your technical team to develop a custom containment and remediation strategy, based on the actions of the attacker and taking into consideration your organisation’s specific requirements around eliminating the attacker’s access, removing malware and improving the overall security posture of the environment. Once the strategy has been determined, Bridewell can deploy Microsoft Defender for Endpoint into your environment within hours of an initial breach. With GIAC certified analysts in our CREST accredited Global SOC, Bridewell will then begin analysing network traffic and information from thousands of endpoints and investigating client-provided leads to build a threat profile.

Following this, Bridewell will identify attacker activity within Azure and scan the wider network to monitor real time attacker activity and search for forensic activity of past actions to establish dwell time. In-depth analysis will then be conducted to determine the initial attack vector and extent of the compromise, which can include:

• Live response analysis, directly on the endpoint • Forensic analysis • Network and traffic analysis • Log analysis • Dark web monitoring • Malware analysis

Given the experience of Bridewell's consultants within Microsoft Azure, they are valuable resource for organisations looking to augment and drive security within their environments. They offer additional expertise and insights and can act as additional resource to existing in-house teams.

Why Bridewell?

Recognised as a Gold Security Partner by Microsoft, accredited by the NCSC and CREST, and certified to ISO 27001, 9001 and Cyber Essentials Plus, Bridewell is a highly-experienced and qualified cyber security services provider. Our experts have deep experience working with some of the most highly regulated organisations and sectors, in critical national infrastructure and beyond, which allow them to deliver cyber security services to the highest possible standard. These services are provided on a tailored basis for each customer, helping them resolve their individual key challenges in collaboration with a long-term partner.