Incident Response Retainer

Get emergency cybersecurity incident assistance and forensic analysis services, both on-demand and by retainer, with a 2-hour SLA on callbacks.  

Rest assured you’re ready

Get the support you need, when you need it from a team that knows your environment and is ready to lunge into action.

Rest assured
Active Incident Response icon1

Faster response and recovery

In the event of an incident with email or another account compromise, get immediate response and recovery.

Active Incident Response icon2

Activity and security review

Microsoft O365 sign-in activity and security configuration review help triage your vulnerabilities.

Active Incident Response icon4

Breach risk assessments

Know where you stand with privacy for PHI, PII, or PCI data and avoid costly breaches.

“One of our employees downloaded something and all-of-a-sudden we were in the middle of an event. Critical Insight responded quickly, professionally and helped us get back up and running as fast as we hoped.”
Business icon

IT Manager

Retained Support and Active Preparedness

A multi-pronged incident preparedness and response plan will give you peace of mind and could save you months of cleanup from a messy incident.

Knowing your team ahead of time can help shut things down faster. Certifications held by our IR team include:


Services include:

  • Ransomware response and recovery
  • Firewall, AV, and EDR event/timeline and security configuration review
  • Active Directory Domain Controller event reviews and timeline reconstruction
  • Server and Workstation endpoint examinations for malicious events, indicators of malware, suspicious PowerShell, hidden scheduled tasks, suspicious service accounts
  • Logfile analysis and timeline reconstruction
  • Forensic analysis of a device, such as a computer, hard drive, phone or tablet, looking for malicious or inappropriate use of the device, or other signs of tampering

Related Solutions