1-800-270-9034

Respond

Response time is of the essence

At Surefire Cyber, we are redefining the incident response model by combining critical thinking and workflow automation.

Intake & Scoping

  • 24/7 availability
  • Report an incident
  • Kick-off call to advise and onboard
  • Structured approach outlining our services

Containment, Monitoring & Control

  • Deploy security tools
  • Monitor endpoints and detect malicious activity
  • Secure the environment
  • Cyber intelligence applied to enrich the data set

Forensic Analysis

  • Investigate
  • Forensic report

Negotiation & Recovery

  • Develop a negotiation strategy
  • Facilitate payment
  • Restore data from back-ups or decrypt
  • Rebuild systems and restore services

Remediation

  • Strengthen security posture

Data collection, analysis, and presentation no longer take weeks or days, but hours or minutes. Our automation capabilities can rapidly scale across systems and provide our experienced team with a 360-degree view of a client’s environment.


1. Intake & Scoping

Our team of experts is available 24 hours a day, 7 days a week. Within 2-3 minutes of reporting an incident via our website, email or toll-free number, our team is in contact to schedule a scoping call.

2. Intake & Scoping

Within an average of 15 minutes (dependent on client availability), we are on the scoping call to discuss the situation, gain an understanding of the impact, and discuss immediate containment measures.

3. Intake & Scoping

A statement of work (SOW) for our services is then sent by our team within an average of 15 minutes after the call (not including legal review if requested).

4. Containment, Monitoring & Control

Once all parties agree and sign the SOW, we schedule a kick-off call with the client to understand their infrastructure, technical environment, restoration priorities, and security controls. We identify the data within the investigation scope and, if necessary, deploy endpoint detection and response tools at no additional charge.

5. Containment, Monitoring & Control

We monitor endpoints to detect malicious activity, secure the environment and eradicate threat actor presence. We can collect as few or as many endpoints as necessary and upload the data collection to the client’s own cloud-hosted storage instance. The entire process from collection to upload takes 2-5 minutes.

6. Forensic Analysis

The data set is now ready to be analyzed. We can do this much more quickly, accurately, and efficiently because we are looking at the big picture. We provide answers to critical questions, such as point of compromise, possible data exfiltration, and other relevant indicators within 24-48 hours of receiving incident response data.

7. Negotiation & Recovery

Should the need arise, we will define an appropriate negotiation strategy, manage threat actor communications, and facilitate payment.

8. Negotiation & Recovery

It is important to note that we have been running restoration in parallel with forensics since day one. Our restoration team is engaged from the first minute of an incident, rather than hours or sometimes even days later, working on restoration and containment of the threat.

9. Remediation

After an incident, we are here to support clients by providing recommendations to improve and enhance security measures. We specialize in managing ongoing remediation and improvement initiatives, ensuring seamless execution and tangible results.

We have built a platform to automate repeatable tasks, such as gathering evidence and assembling forensic artifacts. This allows us to refocus our experts away from the time-consuming work of putting the puzzle together piece-by-piece. Instead, our team uses their critical thinking to orient our clients to the picture that the puzzle creates, guides them through the response process and helps them make informed decisions.

By combining process automation and strategic deployment of our expert team, we can accelerate our delivery of outcomes.


Certifications and Credentials

  • AWS Certified Solutions Architect – Associate
  • AWS Cloud Practitioner
  • Cellebrite and Paraben Certified Mobile Examiner
  • Cellebrite Certified Mobile Examiner (CCME)
  • Cellebrite Certified Physical Analyst and Certified Operator
  • Certified Access Data Forensic Analyst
  • Certified E-Discovery Specialist (ACEDS)
  • Certified Forensic Computer Examiner (CFCE)
  • Certified Forensic Examiner-Access Data (ACE)
  • Certified Hard Drive Repair Technician
  • Certified in SANS Windows Forensic Analysis (GCFE)
  • Certified Information Security Manager (Certified by ISACA)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Mac Forensics Analyst
  • Certified Public Accountant
  • Chief Information Security Officer (Certified by EC-Council)
  • Citrix Certified Integration Architect
  • CompTIA A+
  • AWS CompTIA Cybersecurity Analyst (CySA+)
  • CompTIA Linux+
  • CompTIA Linux+ / Linux Professional Institute Certified Linux Administrator (LPIC-1)
  • CompTIA Pentest+
  • CompTIA Cloud+
  • CompTIA Security+
  • Cyber Forensics and Incident Response certificate – Carnegie Mellon
  • Department of Defense Cyber Investigations Training Academy, Computer Forensic Examiner
  • EC-Council Computer Hacking Forensic Investigator Certification (CHFI)
  • EnCase Certified Examiner (EnCE)
  • FBI Certified Crisis Management Coordinator
  • GIAC Certified Forensic Analyst (GCFA)
  • GIAC Certified Forensic Examiner (GCFE)
  • GIAC Advanced Smartphone Forensics (GASF)
  • GIAC Information Security Fundamentals
  • GIAC Security Essentials (GSEC)
  • International Association of Computer Investigation Specialists (IACIS)
  • Licensed Member, California Bar Association
  • Magnet Certified Forensics Examiner (MCFE)
  • Microsoft Certified Professional (MCP)
  • Microsoft Certified Systems Engineer
  • Professional – Information Systems Security Architecture Professional (CISSP-ISSAP)
  • Professional – Information Systems Security Management Professional (CISSP-ISSMP)
  • Senior Professional Human Resources Certification
  • VMware Certified Professional
