Overview

Since April of this year, one company, Fenix24, has been re-inventing the time-worn processes that incident responders use after an attack is identified, working collaboratively with some of the most trusted brands in cybersecurity. They were bold enough to say: “There’s a better way to do this.” They pioneered a new, collaborative approach that has been embraced by some of the most trusted names in incident response, has helped 122 customers in just nine months of operations and is shaving up to 50% off the downtime experienced by their clients.

Traditional incident response (IR) processes usually involve a breach coach bringing in Digital Forensic and Incident Response (DFIR) teams immediately after an incident like ransomware to lead the response. For weeks to months, inadequately trained IT teams working with experts primarily focused on forensics make critical decisions about restoration and take steps that affect the organization’s outlook for timely restoration. By waiting to bring restoration experts in until the end of the process their chances of guiding the optimal scenario is long gone.

The experts at Fenix24 remodeled the process. They are an active part of the initial response team, gaining remote access to client systems, triaging issues, deploying advanced Endpoint Detection and Response (EDR) tools, and capturing the data DFIR teams need before they can begin to do their forensics work. At the same time, they are leading the response, determining the best strategies for recovery, ensuring essential business data is retained, and working to restore systems.

Shortly after its formation, Fenix24 announced a combined service in partnership with Palo Alto Networks. Fenix24 has also introduced a partnership solution with the elite teams at CrowdStrike, GuidePoint Security, Mandiant, and Kivu Consulting.