When hacker intrusion, DDoS, data theft, Trojan virus and other events occur, emergency response services including stop loss suppression, event analysis, business loss assessment, system reinforcement, and event traceability are provided to reduce the impact and loss of security events on the enterprise itself.
Relying on years of security practice experience of Baidu's own business, we accurately analyzed and restored the incident, and assisted the enterprise in repairing the vulnerability in time to prevent the recurrence of similar threats.
It can quickly respond and locate according to the event level, and reduce the loss caused by time difference.
Analyze the cause, method and path of the event, and trace back the event with Baidu big data threat intelligence system.
The members of the security service team are security engineers with rich emergency handling experience carefully selected by Baidu Security, to ensure the efficient and reliable emergency response process.
The safety engineer directly contacts and docks with the customer, understands the specific details of the event through communication with the customer, and records the problem. According to the phenomenon described by the customer and the actual phenomenon of the system, the event is confirmed and qualitative.
After receiving the event response application, the safety engineer will respond quickly. According to the event type and the security event records saved by the system, and combined with the comprehensive situation of the system and the network, a comprehensive and in-depth analysis was carried out.
After the event analysis is completed, the following professional and in-depth processing will be carried out on your system: cleaning up trojans, webshell backdoors, malicious programs, and hanging horse pages in the system; Restore the tampered system configuration and delete the backdoor account created by the hacker; Clean up abnormal system services and processes, as well as other services.
After the incident is handled, the Emergency Response Report shall be prepared according to the specific situation. The document describes the phenomenon, handling process, handling results and cause analysis of the entire security emergency, and gives corresponding security suggestions.