One of our core competencies at ColdPath is incident response, specializing in web applications and their associated infrastructure. Our team members were part of the investigative team that researched and disclosed findings in 2013 regarding CDork, a malicious payload responsible for embedding malicious iFrames on every site on the server.
Through our research, and in partnership with other researchers, we were able to draw a correlation between the malicious Apache modules that were being used to disseminate the malware and the modified SSH binaries that were used to retain access post-compromise.
This team literally built the playbook for incident response services at Sucuri, and together redefined what malware removal is for micro-businesses. They built the foundation that is used today to serve hundreds of thousands of customers around the world.
Incident Response Services for Businesses
ColdPath has built on this foundation and is extending its capabilities beyond malware removal to include forensic services.
This expansion in capability comes after years of serving customers and realizing we were missing answers to a few very important questions:
- How did the bad actors get in?
- Do the bad actors still have access?
- Has the vulnerability been patched?
- Have future exploits been mitigated?
Being able to answer these questions, however, requires two very important ingredients: time and monitoring. If your organization has the appropriate monitoring in place, then ColdPath is the organization you want to partner with to better understand what happened and to ensure it doesn’t happen again.
Features of the Service:
This service includes the following key features:
- Malware identification and removal;
- Security assessment of the environment;
- Forensic service to identify what happened.
Optional Services include:
- Security hardening (according to organizational policy);
- Monitoring deployment;
- Managed security services.
Our services work at the server level and account for the entire environment. They assume appropriate data is available to conduct forensic services. They also depend on having root access to the environment.
More Information Available
ColdPath is your organization of choice when it comes to complex security incidents negatively affecting your business continuity.
For more information send an email to info@coldpath.net or submit an inquiry.