Incident Response and Forensics Services from VeriSign, Inc.

You Are Here: US Home > Global Consulting Services > Global Security Consulting > Global Security Consulting Services Overview > Incident Response and Forensics Services

Incident Response and Forensics Services

VeriSign helps Fortune 1000 companies respond to denial of service attacks and other network security breaches. We develop policies and procedures for the people on the front line of incident detection and response.


Respond Quickly to Security Breaches
The PurposeConduct a thorough investigation. Help stop the attack. Contain the damage. Improve your systems and practices. Gather evidence.
Value to YouMinimize loss of revenue. Benefit from an investigative approach that's legally approved and forensically sound. Safeguard the trust you've built with customers and partners. Safeguard your compliance with Visa Cardholder Information Security Program (CISP) and the MasterCard Site Data Protection (SDP) Program - and adhere to reporting requirements.
How We WorkHelp prepare you to respond to breaches. Provide rapid response when incidents occur. Provide computer forensic and expert witness services. Minimize the damage. Help you recover.
The ResultsRecommended countermeasures to contain the attack. Support of the VeriSign Incident Response and Computer Emergency Response Team. Forensic evidence of the cause. Expert reports and testimony if needed. Recommendations to leave you stronger.
Why VeriSignA team certified as Certified Information Systems Security Professionals (CISSPs), SANS GIAC Certified Forensic Analysts (GCFAs), SANS GIAC Certified Intrusion Analysts (GCIAs), and SANS GIAC Certified Incident Handlers (GCIHs). Unique awareness and intelligence about current threats. Extensive experience as Visa CISP and MasterCard SDP investigators and assessors.
Learn MoreTo talk with us about security and your business, call 650-426-5310 or submit your inquiry online.
Or, see the Global Security Consulting Services Overview.

The Purpose

You need to have an incident response plan in place - even if expert support is immediately available. We’ve developed incident response programs for many of the Fortune 1000. We develop policies and procedures - and most importantly train the people on the front line of incident detection and response.

We help you - once we’ve prepared you to handle a security breach - to:

Stop the attack 
The first objective of incident response is to stop the attack. Whether it’s internal or external, the attack can shut down your business, compromise confidential information, and erode the trust of your customers.

Contain the damage 
Once the attack has been stopped, we focus on minimizing damage and improving the system to prevent future incidents. Speed and quality are essential. They often determine the ability of a business to recover and contain damage.

Gather evidence 
We also investigate to determine the extent of the damage and gather evidence. Evidence is essential when credit card data or other confidential information has been compromised. It may also be part of legal or contractual requirements.

Back to top

Value to You

Minimize Business Interruptions 
Your business can halt be severely stalled if your e-commerce or Web-based applications go down. We protect your revenue-generating activities by helping you to minimize attacks - and to stop them quickly.

Safeguard the Trust You’ve Built 
The trust of your customers, employees, and business partners is as valuable as your revenue. They trust you with the security of their confidential information. We help you to minimize the theft or misuse of confidential data - and to respond quickly if a breach occurs.

Safeguard Your Compliance  
If you’re a merchant or a service provider, your participation in the Visa Cardholder Information Security Program (CISP) and the MasterCard Site Data Protection (SDP) Program may be essential. We’re an approved assessor. If you’re attacked, we can launch an immediate investigation to find out who’s responsible - and to safeguard your compliance.

Back to top

How We Work

  1. We prepare you.

Experts say that 98 percent of business will suffer a security breach this year no matter what they do to prevent it. We help you prepare for the breaches you can’t prevent.

Through our Security Architecture and Design Solutions, we:

      • Help you architect your network to detect security breaches better
      • Help you structure your network to be able to resist a breach better - and to allow the network to recover more quickly

Through our Security Policy and Program Services, we:

      • Help you develop policies and practices to deal with a breach quickly and effectively - to evaluate and contain it
      • Train your employees to prepare them for what they need to do when a breach occurs
  1. We respond quickly.

A quick response requires an immediate impact assessment. We assess the scope of the breach, where it’s coming from, its impact, and its severity. We then rank the results to determine the quickest and most effective way to stop or at least mitigate the attack. We can often give your network and system administrators the details they need over the phone. If not, we come to your site.

  1. We investigate.

An attack may require a forensic analysis:

      • We gather evidence that points to the cause of the incident. We examine logs. We make forensic copies of infected systems. We review the copies with forensic tools. We interview your staff.
      • We preserve the evidence in case you take legal action.
      • We analyze the evidence to determine how to contain and recover from the incident.
      • We obtain image copies of affected systems following industry-recognized forensic procedures.
  1. We contain the damage.

We examine the evidence to make sure that the action we take to neutralize the breach gets to its root cause. We then recommend countermeasures to:

      • Stop the spread of the incident
      • Minimize its damage
      • Limit its effect on the systems critical to your business
  1. We help you recover.

Finally, we help to restore your network and data. We can also provide disaster recovery and business continuity solutions to help you prepare for future incidents. Find out more about our Disaster Recovery and Business Continuity Solutions - which encompass redundant data storage, diverse network connectivity, fault-tolerant facilities, and monitoring services.

  1. We report our findings.

We assemble our findings in a report that - if you need to - you can use for legal proceedings. Several of our team members have been used as expert witnesses. We often work with law enforcement on cases involving criminal allegations.

Back to top

The Results

Emergency Response 
We provide rapid response to the incidents you face. Our security and network experts are always available - and they have extensive experience and awareness of the most current threats to systems worldwide.

Countermeasures to Contain the Attack 
We provide you with specific technical instructions about what to do to stop the attack and minimize damage.

Support from Our Computer Emergency Response Team 
VeriSign's Incident Response and Computer Emergency Response Team (CERT) team is available around the clock to help your staff to respond to security incidents any time they happen.

Forensic Evidence 
We provide you with a report that summarizes our findings. We provide technical details about the investigation process. We present the evidence we’ve uncovered from the logs, the infected systems, and through our interviews with the staff.

Recommendations for Recovery and Improvement 
An attack can leave you stronger. We analyze the causes behind the breach and recommend improvements to improve your network, your policies, and your staff’s ability to prevent and respond to future incidents.

Back to top

Why VeriSign

Our team of consultants is made up of Certified Information System Security Professionals (CISSPs) and SANS GIAC Certified Forensic Analysts (GCFAs). Read about Our Expertise.

VeriSign is an approved assessor for Visa CISP and MasterCard SDP and we apply Payment Card Industry Data Security Standards. We have experience in all types of investigations, not just credit card information compromise. Read Industries We Work With to learn more about our experience in your industry.

VeriSign is the global provider of .com and .net DNS. Our Security Operations Centers have unique awareness and intelligence about the current threats to IP-based systems. Read about The Value of VeriSign.

Security isn’t just about security, it’s about your business. We focus not on vulnerabilities, but their threat to your business. Read about Our Approach - the foundation for all our work.

Back to top
Contact Us
Please contact sales at
650-426-5310
Submit an inquiry online
Global Security Consulting
Services Overview
Enterprise Security Assessments
Enterprise Compliance Assessments
Security Certification Program
Incident Response and Forensics Services
Technical Security Assessments
Security Policy and Program Services
Security Architecture and Design Solutions
Identity and Access Management Services
Disaster Recovery and Business Continuity Solutions
Information Center
About Global Security Consulting
Industries We Work With
Public Sector Compliance Services
Compliance and Your Business
Resources



ABOUT SSL CERTIFICATES