CyberSecurity

Cyber Incident Response

Get assistance with managing your security incidents 24/7
Short description:
Global support through each stage of the incident response process: detection, containment,
remediation, and crisis monitoring.

Key benefits:
Manage your critical and targeted security incidents and ensure appropriate containment and
remediation thanks to our CSIRT (Computer Security Incident Response Team) experts.

Service family:
• Advanced Incident Response
Service description
Detailed description
Service level agreement
Operational follow-up
Deliverables
Available offers
This document is not contractual.
Subject to change without notice.
© 2017 Airbus CyberSecurity.
AIRBUS, its logo and the product
names are registered trademarks.
All rights reserved. // 917 E 0882
• Preparation of incident response using the appropriate tools.
• Incident response conducted in compliance with SANS process and
best practice.
• Detection and in-depth analysis of current cyber and APT threats to
your network and endpoints.
• Recommendations and support for containment.
• Continuous monitoring during and after the incident, both onsite
and remotely.
• Confidential custom detection rules to identify targeted and furtive attacks.
• Support and coordination of activities by a dedicated incident manager.
• Remediation and existing protection improvement.
• Joint drafting of an incident prevention strategy and key security
processes, taking lessons learnt into consideration.
• Assistance with incident communication management, internally and
externally (on request).
A service desk is included as standard.
Immediate intervention following first contact.
• Kick-off meeting with the customer.
• Weekly technical reports (or more frequently, if required).
• Status update at the end of each phase of the incident response process.
• Detailed investigation report:
-- Executive summary
-- Threat assessment
-- Attack timeline and persistence
-- Containment recommendations
-- Remediation recommendations
• Malware analysis reports (on request).
• Detection rules (on request).
A secure and dedicated web portal is available to access and exchange
documents.
Personalised service packages available, to include:
• Detection and analysis of cyber threats.
• Containment and remediation measures.
Airbus CyberSecurity
Metapole 1, boulevard Jean Moulin / CS 40001 / 78996 Elancourt Cedex / France
Willy-Messerschmitt-Str. 1 / 82024 Taufkirchen / Germany
Quadrant House / Celtic Springs / Coedkernew / South Wales NP10 8FZ / United Kingdom
Etihad Towers T3 / Corniche Road, 19th floor / P.O.Box: 72186 / Abu Dhabi / United Arab Emirates
www.airbus-cyber-security.com / contact.cybersecurity@airbus.com