Home Responding to IS incidents

Responding to IS incidents

IS incident response is a process that identifies and eliminates system deficiencies. During the investigation, specialists find IP vulnerabilities, check the operation of protection mechanisms, the quality of the system architecture and its management. Response to IS incidents is carried out in accordance with generally accepted standards.

Responding to the activities of criminals is a rather laborious process. It requires a detailed plan and the involvement of professionals. FS Group will allow you to use the rapid response team FS IRT, which includes specialists who have expertise specifically in this niche. Also, the existing response team in the company can be supplemented with the help of our staff.

Incident response objectives

  • develop a report and recommendations
  • prevent deterioration of the situation
  • maintain the company’s reputation and resources
  • restore the system
  • to carry out works on informing employees of the company
Want to know more?

Get a consultation
Stages of incident response
  • Getting information about events
    This can be done, for example, with FS MNG –  IS system monitoring, work with administrators, users and other sources of information
  • Preliminary assessment of the event
    At this stage, you need to determine whether the event (harmless system change) is actually an incident (harmful change) IS
  • Critical assessment of the incident 
    The incident is assessed according to the criticality scale adopted at the enterprise, which is recorded in a special document
  • Collection and processing of certificates
    Work with employees of the company and available information is carried out, certain norms are considered
  • Finding the violator
    Establishing the motive and identity of the offender. In particular, our specialists use a unique platform to investigate cybercrime with its own database
  • Elimination of consequences
    This procedure depends on the severity of the incident and the procedures used

  • Paperwork
    All received important information is structured and summarized, then it is entered into documents

  • Taking preventive measures
    That violations were not found again – after reaction to incident there is a work on elimination of vulnerabilities


Identification of vulnerabilities
Identification of vulnerabilities

Our specialists will carefully analyze your system and find all its shortcomings

Finding the violator
Finding the violator

Modern tools and extensive experience allow us to find cybercriminals in the optimal amount of time

Customer-oriented support service
Customer-oriented support service

Support staff will help you with any problem related to responding to IS incidents

Related products and services

Simulator of sending phishing emails in order to understand the probability of a successful phishing attack on the company and plan activities to increase the level of education of employees to counter phishing attacks

• Integration within the corporate network
• Development of phishing pages for your requirements
• User texts in emails
• Setting up the system for a mail server


WEB-solution that helps to verify employees and contractors on data from open and closed sources, as well as with Big Data FS Group

You get access to unique data, make it easier for employees of different departments, for example:

• purchasers
• HR
• compliance officers
• lawyers
• financiers

and among other things - you get a centralization and a single point of entry of data, which can work with different departments of the organization


Package of services for investigation, analysis and investigation of information security incidents

The minimum package includes:
• consulting with experts
• investigation of the IS incident
• comprehensive forensic examination of digital evidence
• reports on individuals / legal entities from open and closed sources
• a monthly newsletter with information about vulnerabilities actively used by hackers and recommendations for increasing the level of protection
• penetration testing
• scanning web applications and resources


Software product for detecting compromised accounts of the organization in open and closed sources

Thanks to FS MNG you can:

• identify compromised accounts, including when compromising third party resources
• prevent data leakage
• protect against the use of compromised passwords
• be informed about the leaks before it is widely covered in the media


A software product that contains a list of anonymized IP addresses in the TOR, PROXY & VPN categories sold in public and in DarkNet. Allows you to identify anomalies in network traffic, application traffic and can be used in various ways

• Proactive approach to TI collection
• More information for decision making
• Earlier provision of data and thus prevention of attack
• Compatibility with most vendors' solutions
• Complementarity with other feeds


Like many other companies, FSG uses cookie technology on its websites to improve your user experience, as well as for the correct operation of the website.

If you agree to the use of all cookies on this site, click the Ok button. To learn more about cookie technology, its benefits and how FSG uses it, check out our Privacy Policy.