Incident Response Services & Your Security Strategy

Listen in as Josh Zelonis, senior analyst with Forrester Research, and RSA discuss real-world IR experiences and how IR fits into your overall security strategy.

View Webinar


  • Get rapid access to incident response experts when you suspect a data breach or cyber attack. We quickly investigate and assess the scope and nature of the incident, and deploy our IR team on containment and remediation activities.

  • ​Limit the scope of a cyber attack and prevent attackers from achieving their objectives with prompt, decisive IR services.

  • ​Preserve forensic evidence for investigations, law enforcement and prosecution.

  • Tap our experience working across industry verticals and our knowledge of various industry and regulatory compliance requirements.

  • ​Leverage our proven processes and specialized technologies to accelerate incident response, forensic investigation and remediation.

  • ​Access our extensive network of cyber threat intelligence for insights on current and planned attacks, and attacker tools, tactics and techniques.

  • ​Work with a trusted incident response team that’s repeatedly demonstrated its capabilities in the most demanding business environments. We’ve helped hundreds of organizations across the public and private sectors respond to and recover quickly from data breaches and other cyber attacks.

  • Government accredited services: National Security Cyber Assistance Program (NSCAP) Cyber Incident Response Assistance (CIRA).


  • Comprehensive Cyber Forensic Analysis Framework

    This framework guides our forensic analysis and ensures the incident response process includes data from multiple sources, including in-house systems, open source research and various threat intelligence feeds.

  • Host Forensics

    Our incident response team uses executables, files and libraries to identify unauthorized services and processes running on endpoints.

  • Malware Analysis

    We conduct basic and advanced static and dynamic analysis to develop techniques for blocking malware, which improves organizations’ resilience against further intrusions.

  • Network Analysis

    Packet and log data collected by RSA NetWitness® Logs & Packets helps us identify suspicious communications that traditional, signature-based cybersecurity systems miss.

  • Cyber Threat Intelligence

    Our IR team conducts extensive research into cybercriminals’ attack infrastructure, tools and techniques, and monitors cyber threat intelligence feeds from a range of sources including the government and industry ISACs (Information Sharing and Analysis Centers).

RSA Advanced Cyber Defense & IR Services

Effective defense is not purely about buying the latest security technologies; it’s about establishing an effective security program that brings together security expertise, processes and technology to improve the organization’s ability to prevent, detect, and respond to attacks. Find out how RSA can help.

Proactive Cyber Threat Detection

It’s become increasingly difficult for many companies to identify cyber threats lurking on their networks because these threats are often designed to elude traditional security systems. But with the right technologies and skill sets, organizations can turn the tables on cyber adversaries and detect threats before damage is done.

Acute Cyber Incident Response

When you discover a security breach, you need to determine—in short order—exactly what happened, how it happened, the scope and impact of the compromise, and the steps you need to take to contain and remediate it. RSA’s incident response team can help you quickly get your arms around a breach.