Sababa Incident Response

Security incidents happen anyway. However, the severity of the security incident disruption depends on how well prepared the attacked company is. To contain the incident and restore business activity as quickly as possible with minimal consequences for the company, it is worth having a security emergency plan prepared in advance.

Sababa Incident Response is a set of measures aimed to prepare the company for a security emergency scenario and restore its normal operation disrupted by a cyber security incident. The incident response is based on the NIST guidelines and includes detailed operational procedures supporting the security teams in dealing with different types of incidents. Our experts contain security incidents at any stage and bring industrial and business processes back to work – any time of the day and at night.

• 3 tiers of yearly incident response packages are available – with the specific SLAs included
• It takes just 1 day to make onboarding and prepare an incident response plan
• OT security incident containment is conducted by experts with vertical background
• Cyber security emergency hotline is available 24x7x365 • Available in Italian and English

Step Graphic Sababa

Sababa Incident Response includes 4 main phases:
• Preparation stage, when Sababa experts collect information about the network to be able to promptly react in case of the incident
• Detection and analysis stage, aimed to identify the actual and potential effects of the incidents to assign priorities based on the incident severity
• Incident containment, eradication, and recovery actions
• Post-incident activity, including incident investigation, forensic analysis and a “lesson learned” meeting

Sababa Security