INCIDENT RESPONSE TEAM (IRT)  —  information security incident investigation and analysis service

Basic annual package includes:
  • Consulting with experts

• Professional advice on the management and the level of information security of the organization;

• Practical recommendations about the organizational measures for the protection of information and systems in accordance with the methodology of ISO 27001.

Distribution of a digest with the latest cybersecurity vulnerabilities, threats, and recommendations for overcoming them;

• Providing written advice on critical threats to the company individually, consulting on information security measures needed to eliminate them.

As an example of the rapid response, our clients receive our recommendations on the emergence of new critical threats, such as Petya/Not-Petya, Efail, VPNFilter, etc. оn the same day.

  • Information security incident investigation

• Collection and analysis of incident data;

• Search for criminals and establish their involvement;

• Analysis of the preconditions that contributed to the incident;

• Providing recommendations for the prevention of similar incidents in the future;

• Collection and storage of materials that can later be used by the client to bring perpetrators to justice.

  • Forensic Examination

• FS Group conducts a comprehensive forensic investigation of digital evidence, on the results of which you receive:

◦ A package of documents that can be subsequently added to the evidence base to bring violators to justice;

Providing the customer with accurately collected physical and digital evidence.

  • Providing reports on individuals/legal entities based on searches in various sources of information

• To investigate, we use our unique platform, which allows us to search for information from a variety of sources and contains the widest database of leaks, website registration, and compromised accounts;

• Practical trainings from our experts for the client’s staff analysts based on the company’s incidents and the latest information security technologies;

Providing information, reports and initial data necessary for the investigation.

Security Bulletin is a monthly newsletter that contains information security rules related to vulnerabilities actively used by hackers, as well as recommendations for improving customer protection.

  • Penetration Testing 

• To determine the vulnerabilities of security mechanisms, we simulate the actions of an attacker who tries to compromise information;

• Select the appropriate method for your company (manual, automated, combined) and type of attack;

• Before performing the tasks, we agree on the rules of testing and determine the order of notifications about the progress of work.

• We use best practices and standards:

◦  OWASP Testing guide;


◦  NIST SP 800-115;


◦  ISACA Penetration testing procedure (P8).

  • Web/network scanning for vulnerabilities

Resources under study:

online stores, online retailers;

◦ media resources, news resources;

◦ banking resources, payment systems

◦ companies in technology and services;

◦ technological resources, SAAS

• We use instrumental web application scanning with elements of manual verification for an objective assessment of the level of security;

• We classify risks according to the methodology of OWASP (Open Web Application Security Project) — the world’s largest non-profit society for web application security. We take into account the motivation of the scammer, the level of skills, the availability of data on the exploitation of vulnerabilities to the general audience, and other parameters.

Have you been a victim of cybercrime or need advice?

If your company has an incident, you need help with ISO 27001 certification or you just want to check the information security of your company - click the button below and leave a request for a consultation!

Get a consultation
Why companies choose FS IRT

You are staffed by information security experts with 5 to 20 years of experience in the industry.

The key competencies of employees are divided into areas:

  • Threat Intelligence;
  • OSINT;
  • Vulnerability assessment/Penetration testing;
  • Security operations;
  • Incident Response;
  • Forensic and Cybercrime Investigation.

Each expert has from 2 to 5 certificates


  • LPIC-1.2
  • CCNA
  • CHFI
  • CISA
  • OSCP
  • CEH
  • ISO / IEC 27001 Auditor

Experience in investigating cybercrime in various fields

The IRT service is suitable for both business and government organizations. Our experts have experience in investigating incidents, gathering information, identifying and deanonymizing cybercriminals from various fields.

Experience in conducting international investigations

From the study of the activities of participants in hacking forums and services DarkWeb/DarkNet, as well as the activities of transnational APT-groups and deanonymization of members of such groups.

Why FS IRT prevails over analogues:

You do not need to hire a full staff of specialists in different fields to subscribe to the IRT in your schedule The equipment will be a multifunctional team of experts.


With IRT, you won't waste time reconciling legal documents in the midst of a cyberattack, at a time when you need to respond quickly to the actions of attackers who cause damage to your company.


An IRT subscription allows you to allocate time to specific services that your organization needs

Related products and services

FS PHISHING includes:

• Integration within the corporate network.
FS PHISHING provides large companies that don’t want to transfer employee information to cloud solutions with full operational autonomy. 
• Customized development of phishing pages according to your requirements.
Flexible configuration of the system to the company's resources to make phishing attacks more realistic.
• Development of writing texts based on the clients’ needs.
The product allows users to create universal phishing emails according to their requirements. The system does not limit the type of letters.
• Configuring the system for your mail server.
We integrate the product and set up the interaction with the corporate mail servers for maximum efficiency of the system.


WEB-solution that helps to verify employees and contractors on data from open and closed sources, as well as with Big Data FS Group

You get access to unique data, make it easier for employees of different departments, for example:

• Procurement specialists
• HR specialists
• Compliance specialists
• Lawyers
• Financiers

In addition, the advantage of OSINT LAB is a user-friendly interface that centrally collects and displays all requested data.


Software product for detecting compromised accounts of the organization in open and closed sources

Thanks to FS MNG you can:

• identify compromised accounts, including when compromising third party resources
• prevent data leakage
• protect against the use of compromised passwords
• be informed about the leaks before it is widely covered in the media


A software product that contains a list of anonymized IP addresses in the TOR, PROXY & VPN categories sold in public and in DarkNet. Allows you to identify anomalies in network traffic, application traffic and can be used in various ways

• Proactive approach to TI collection
• More information for decision making
• Earlier provision of data and thus prevention of attack
• Compatibility with most vendors' solutions
• Complementarity with other feeds


Like many other companies, FSG uses cookie technology on its websites to improve your user experience, as well as for the correct operation of the website.

If you agree to the use of all cookies on this site, click the Ok button. To learn more about cookie technology, its benefits and how FSG uses it, check out our Privacy Policy.