This service covers the retrieval of elements allowing to constitute an incident case, the handling of a threat still present in your I.S. as well as the collection and the restitution of the data necessary to the realization of a digital forensic. This service can be associated with a digital forensic service.
Below is a list of the steps involved in the handling of an incident by the CSIRT COGICEO:
- Context retrieval.
- Evaluation of the impacted perimeter.
- Preparation of the defense plan.
- Evaluation of the collection method.
- Preparation of collection tools.
- I.S. access receiving.
- I.S. access check.
- Data collection.
- Restitution of collected data and incident report.
Type of incidents
Below is a list of incident topics we have encountered:
- Web front-ends (Apache Tomcat, NGINX).
- Microsoft Exchange on-premise mail service.
- Microsoft Active Directory domain controler.
- Microsoft Active Directory domain.
- Workstations (Windows).
- Core banking system.
- Microsoft Office 365 user account.
9:30 AM - 6:30 PM CET/CEST
monday - friday
🔑 COGICEO CSIRT PGP key
8031 61C4 3EAB F642
434E 6D2B D789 82A8 DF25 D2C7 8031 61C4 3EAB F642