Image Alt

Incident Response

Incident Response Parent

What are the services provided by Arete relevant to all incident response engagements? E.g. what are the touch-points you’d like to highlight that are applicable to all customers, regardless of which service they hire you for.

We lower the cost and risk to Cyber Insurance carriers, and Insureds by providing highly customized Incident Response and Digital Investigation services, while simplifying the process and resolving business disruption.

While some companies require insureds to get funds up front, costing precious hours and days to the clients in crises. Arete, has created a simple, easy way for Breach Coaches and Insureds to immediately respond by facilitating the entire technical and financial process of purchasing the Bitcoin, while managing the negotiation with the bad actor for a flat fee, to be paid in 30 days. Allowing clients to focus on restoring their business to health.

Rapid response is critical to maximizing the chances of recovery from a business email compromise (BEC) scam. 

As BEC scammers frequently utilize fraudulent wire transfers, time is of the essence in responding to the attack.  Once notified, Arete professionals will immediately begin the collection of relevant evidence to determine the who, what, where, when, and how of the attack, producing a preliminary report within 24-72 hours.  If a notification list is necessary, Arete’s eDiscovery team utilizes robotic process automation and artificial intelligence to zero in on the affected documents, producing legally compliant findings for a fixed fee per document. 

Arete offers the following advantages: 

  •  Arete’s team of experts, with years of experience in the military, government and the private sector, handle hundreds of BEC cases every year 
  • Arete can liaise with law enforcement, as Arete superheroes regularly work side-by-side with law enforcement on a variety of matters 
  • Arete has the knowledge and expertise to assist with the securing and hardening of the client’s infrastructure to help protect the client against future attacks 

We focus on remediation efforts to ensure clean back up capabilities to minimize the impact of future ransomware attacks.

Remediation services include:

  • Restoration of Backups Systems post incident
  • Recovery of Corrupted Data post incident
  • Rebuilding or Re-installing Operating Systems post incident
  • Implementation of code-changes, rule changes on firewalls, post incident
  • Re-configuration of Identity Management Systems, Active Directory, Group Policy, etc. post incident

We assist in restoring systems to an operational state after a breach or other type of security incident. We restore corrupt or destroyed disk volumes, and, in some cases, entire disk environments from both on-line and off-line back-up sources. We will re-install and configure operating systems, such as Windows, Windows Server, Unix and Linux, as part of our remediation efforts. We restore SQL servers and databases, update/reconfigure routers and firewall rule sets, install new tools and technologies, and implement new group security rules and policies within AD and other environments as needed.