OneCare - Security Incident Response

The aim of the Security Incident Response service is to respond to cyber security incidents, analyse and remediate them within a guaranteed time of initiating action.

Service description

This service typically includes:

  • analysis of security incidents, providing consultations, analyses and technical recommendations of ALEF specialists to the customer's IT team in dealing with cyber incidents, with the customer implementing corrective measures on his own.
  • security incident resolution, complex execution of all phases of security incident resolution, including design and implementation of corrective measures by ALEF specialist. As a result, requirements on the customer's internal IT resources are minimized.

Post-incident services include forensic collection of incident-related data, analysis of discovered malware samples, and security training for users.

We also offer you the opportunity to organise Cyber Combat exercises, which provide the opportunity to practice the practical aspects of responding to security incidents. Customer teams responsible for ensuring information security within their organisations are confronted with realistic incidents in a simulated environment. Based on the procedures that the teams use to deal with the incidents, ALEF CSIRT specialists formulate recommendations to make the response to future incidents more effective.

The performance times for this service (SLA) are guaranteed by ALEF.


Who is the service for?

For all types and sizes of customers who do not have an in-house team of cyber security experts capable of analyzing the causes and remediating the consequences of security incidents occurring in their IT environment. The service is designed for customers who need to ensure a rapid response to the occurrence of a cyber-attack and eliminate its impact on the customer organization's operations.


Main advantages of the service

The service is performed by the ALEF CSIRT (Computer Security Incident Response) team.

ALEF CSIRT is composed of experts in various aspects of information security, which enables it to respond flexibly to incidents, newly discovered threats and vulnerabilities of various types.

ALEF CSIRT is listed in the international register of security teams "Trusted Introducer" and cooperates with many entities focused on cybersecurity at national and international level.

How is the implementation done?

  1. In the area of prevention and proactive measures, ALEF CSIRT offers alerts on newly discovered vulnerabilities. This is complemented by recommended procedures for removing them or reducing their impact (ALEF TNS - Technology Notification Service). Prevention can also include a wide range of security analyses and scans of web applications and computer networks.
  2. When a security incident occurs or is suspected to occur, the customer reports the ticket to ALEF Servicedesk and our experts then resolve it. If the customer has also purchased a security monitoring service from us, we will evaluate the occurrence of the security incident ourselves and start solving it in a quick time.

All OneCare services