Response Modules are used to orchestrate and -where necessary- automate the containment activities required during the early stages of incident management to limit the propagation of an attack.
Tactical Response Network
The Tactical Response Network module allows the Certego Network Sensor to work with the customer’s firewall, so that implementation of the blocking rules needed after the detection of an attack is automated.
Tactical Response Endpoint
For certain types of cyber incident, speed of response (MTTR -Mean Time To Response) is fundamental for containing the impacts and consequences of the breach. The goal of the Endpoint Tactical Response module is to allow Certego’s IRT Team, in agreement with the customer, to intervene directly on the endpoints and quickly apply specific containment measures to block or slow the attacker’s activities.
The ITSM module allows two-way integration between the Certego PanOptikon platform and the main ticketing system on the market, to make managing the security incident easier for all those involved in the response process.