Fortis by Sentinel Incident Response

Additional Info

CompanyFortis by Sentinel
Company size (employees)500 to 999
Headquarters RegionNorth America
Type of solutionService


Fortis by Sentinel takes a holistic approach to Incident Response that goes beyond simple threat identification, eradication, and consultative guidance. Incident Commanders, Response Analysts, and team of 200+ technical specialists work side-by-side with Fortis customers to help shut down attacks and restore impacted systems to an operational state.

When an incident occurs, be it a data breach, exfiltration, email compromise, or ransomware, the Fortis by Sentinel team of elite ActiveRecovery(TM) specialists can respond remotely or at a customer’s site to counteract the attack. Utilizing best of breed security products, Fortis experts contain the threat, work to restore operations, reduce the attack vector, and perform forensics analysis to help organizations recover quickly.

In addition to reactive services, Fortis by Sentinel also offers an Incident Response Retainer (IRR), which is designed to be an adjustable agreement enabling organizations to set preferred rates, create a two-hour response SLA (service level agreement), and take advantage of specialists’ experience via proactive services. Fortis consulting services and flexible use provisions ensure invested hours can be applied in different ways to help maintain organizational readiness.

How we are different

• Experience matters – The elite specialists from Fortis by Sentinel have performed triage, incident response, and remediation for hundreds of organizations across many different industries. While studies show that a majority of companies do not survive for longer than six months following a significant cyberattack, the Fortis IR team has helped 100% of our customers achieve a solid recovery and remain in business.
• Proven strategy – The Fortis by Sentinel team understands the current threat landscape and bases the tools and methodologies we use on industry best practices. Incident response analysts are armed with the latest information from a comprehensive, always updating Fortis Threat Exchange (FTE) database, which details all known malware and suspicious activity alerts from other Fortis customers. They use this in combination with best-of-breed security products in order to contain a threat, then work with customers to restore operations, reduce the attack vector, and perform forensics analysis so they can recover quickly.
• Analysis and reporting – It’s important to obtain as many details as possible about an attack on an organization, to better understand how the bad actor gained access to the environment, what actions they took and damage they caused once inside, along with guidance on ways to prevent this from happening again in the future. Fortis specialists conduct a forensics analysis and detail all IR findings in documentation that can be used as a building block to help our customers further harden their security posture.