What happened, how it happened & how to resolve it
Our team will perform a comprehensive forensic and log analysis to identify what happened, how it happened and the best course of action to resolve the breach. We will work with your organisation and any incident response procedures that are in place to provide assistance (Annual IR retainer options available).
Forensic & Log Analysis
Our team will perform a comprehensive forensic and log analysis to identify what happened, and how it happened.
INCIDENT RESPONSE RETAINER
Enable your business to access the technical resources required to respond to a breach in an agreed timeframe.
TIMELINE-BASED REPORTS
All findings are documented in a timeline-based report, together with recommended remediation actions.
We use industry-leading SIEM software to detect & analyse threats
Our team has extensive experience with a wide array of industry-leading SIEM platforms and is ready to assist you with everything from a brand new implementation through to specific use case integrations.
WHAT IS A SIEM?
A SIEM (Security Information and Event Management) service centralises logs within an environment for both security monitoring & incident response purposes.
We will design and implement an effective SIEM tailored to your business.
MATURING YOUR SIEM
We will identify key areas to mature the detection capabilities and effectiveness of your SIEM.
Alchemy identify critical assets and design a SIEM
Alchemy worked with key stakeholders to identify business-critical assets, information and processes. Using this information, a SIEM was designed and implemented to centralise logs and events while enabling the business to proactively correlate and identify threats within all tiers of their environment.
Splunk was used to mature defensive capabilities
Splunk is still considered the industry-standard SIEM product on the market. We have utilised the flexibility of this product across a wide range of customers to dramatically mature their defensive capabilities.
They understood emerging technology and threats
AlchemySec is my go-to Cyber Security Consultancy, Every. Time. They are quick to answer an email for the “easy” questions, or give you the detail you need to convey an issue to a client. Having worked in both the Enterprise space, as well as the Small-to-Medium business, they understand what you are trying to achieve and know how to get the job done. I can’t recommend them highly enough.
Our Unique Process We Developed Over 10 years.
Alchemy Security Consulting Pty Ltd provides a broad range of security assessment services to assist our customers in identifying vulnerabilities and maturing their defensive capabilities.
The scope will define the objectives, constraints, scheduling and reporting requirements for the assessment.
We will execute the assessment in line with the agreed scope.
All findings will be documented in a risk prioritised report detailing all findings and recommended actions.
A retest of key findings is performed to validate that remediation actions by the customer have successfully mitigated identified vulnerabilities without introducing further vulnerabilities or risks.
Frequently Asked Questions
What is incident response?
Further to that, it also gives the business an opportunity to look at lessons learnt to mature their internal incident response procedures.
What is a SIEM (Security Information and Event Management)?
How long does it take to complete an incident response engagement?
What is an incident response retainer?
Our retainers are tailored to your requirements and allow you to maximise the return on investment by allowing you to utilise your retainer to consume other services through us such as penetration testing or architecture reviews.