TEHTRIS CERT / CSIRT

Cybersecurity Incident Response

TEHTRIS CERT centralizes and coordinates the management of cybersecurity incidents. Sensors built into the XDR Platform (EDR, EPP, SIEM, Honeypots…) allow us to monitor the actions carried out on our customers' information systems. When an attack is suspected or confirmed, a team is assembled according to the scope and technologies impacted, bringing together expert profiles in all technical and legal areas of cybersecurity.

Our mission is to support our clients when they face a crisis caused by a cyber threat. Our expertise and the lessons learned from numerous past incidents allow us to quickly qualify the nature of an incident and identify its impact on your IT resources. The XDR Platform's technologies enable the rapid deployment of detection and containment solutions, with the aim of eradicating threats.

Incident handling cycle:

Preparation

Technology watch and preparation of tools and procedures to be used in the event of an incident

Identification

Analysis and understanding of the incident. Identification of the perimeter, formulation of hypotheses

Containment

Identification of measures to stop an attacker’s progress

Eradication

Removing the threat and putting up a barrier to prevent it from happening again

Return to service

Advice on actions to be taken to restore service

Capitalisation

Reflection on areas for improvement in order to better respond to the next incident of the same type

CERT

As a CSIRT, TEHTRIS is on the official list of CERT-type entities [CERT TEHTRIS].

Official RFC 2350 TEHTRIS-CERT document
