Emergency response, hacker intrusion prevention and rescue, intrusion detection

Introduction to emergency response service

Emergency response provides services including loss containment, event analysis, business loss assessment, system hardening, and event traceability when hacker intrusion, DDoS, data theft, Trojan virus, and other events occur, so as to reduce the impact and loss that security events cause the enterprise.

Most information security incidents lead to information business interruption, system downtime, or network paralysis, and have a direct or indirect negative impact on the organization and its business operations. Establishing emergency response services makes it possible to detect security incidents quickly, minimize losses and damage, and restore information services.

Emergency response scope

The scope of emergency response covers cases in which the hardware, software, or data of the networks, computers, or network equipment in the system are damaged, changed, or leaked because of illegal attacks, virus intrusion, or other security causes, so that the system cannot operate normally. It also covers discovered security risks that may cause such outcomes.

Including but not limited to the following situations:

  1. Check whether the host has been hacked;
  2. Investigate business security incidents such as database tampering and data leakage;
  3. Handle ongoing attacks to prevent further attacks by hackers;
  4. Comprehensively search for and clean up mining programs, viruses, worms, Trojans, and other malicious programs;
  5. Comprehensively search for and clean up WebShells, hidden links ("dark chains"), pages injected with malicious code ("hanging horse" pages), etc. on the web site;
  6. Handle exceptions caused by the intrusion to help customers quickly resume business;
  7. Analyze the hackers' intrusion tactics and find the cause of the intrusion;
  8. Analyze the hackers' behavior after the intrusion and judge the impact of the intrusion;
  9. Provide repair suggestions and guide users in strengthening security to prevent re-intrusion;
  10. Provide a security emergency service report;
  11. Unauthorized access: entering a network without authorization through intrusion, resulting in leakage of data;
  12. Information leakage: leakage caused by interception, tampering, analysis, etc. of data during transmission;
  13. Denial of service: normal users cannot access the services provided by the server;
  14. Illegal logins are found in the system log;
  15. A computer virus infection is found to have broken out across a large area of the network;
  16. Someone is found to be constantly trying to log into the system;
  17. Unknown new user accounts appear in the system;
  18. The administrator receives a warning letter from the system administrator of another site, indicating that the system may be threatened;
  19. File access permissions have been modified;
  20. System problems caused by security vulnerabilities.

Advantages of emergency response service

  1. Experienced: Relying on the years of security practice experience gained in Cloud Summit's own business, we can accurately analyze and reconstruct events, and assist enterprises in repairing vulnerabilities in time to prevent similar threats from happening again.
  2. Quick response: We can respond and locate the problem quickly according to the event level, reducing the loss caused by delay.
  3. Event analysis: We analyze the cause, method, and path of the event, and trace it back with the Baidu big data threat intelligence system.
  4. Professional team: The members of the security service team are all security engineers with rich emergency handling experience, carefully selected by Cloud Summit to ensure an efficient and reliable emergency response process.

Emergency response process

Emergency response principle

  1. Real-time principle: Service requests raised by customers during event emergency response are guaranteed to be accepted, with a response within 30 minutes (telephone or QQ) of receiving the customer's event request.
  2. Normative principle: Strict records are kept for each event and for the whole process of event handling.
  3. Confidentiality principle: The handling content, time, and report of all events strictly comply with the principle of confidentiality and shall not be disclosed to any third party.
