Symantec Incident Response Retainers and Readiness Services

Get ahead of threats with a continuous program

Create a partnership with experts who know your organization and environment, improving speed to contain and minimize the impact of an incident.

Receive the Personalized, Value-added Service Your Organization Needs

Incident response is a strategic program that enables continual security program maturity by identifying recommendations to prevent incident reoccurrence.

Improve incident response times, lower response costs, improve overall response effectiveness, and implement a continuous improvement process with the following features:

  • Specialized Service Management - Receive personalized care with your assigned Service Manager. Service Managers are assigned based on market segment and organization size so we can most effectively leverage our vertical expertise.
  • Emerging Threat Reports -Stay informed of the threat landscape and assess how your security posture may be impacted with our Emerging Threat Reports.
  • Pre-Negotiated Terms - Avoid contract negotiation in the middle of an incident and shift to a more proactive and programmatic response.
  • Pre-Paid Incident Investigation - Stay agile and be ready for the next attack. When outside assistance is needed we offer pre-paid fly-to-site and remote incident support.
  • Service Level Agreements - All of our retainers are available with global, in-route 24 hour, 48 hour, or priority access SLAs to ensure we’re there when you need us.

Discover Our Community

View the latest product discussions in our forums.

Establish Terms and Conditions Before an Incident Occurs

A breach is no time to exchange business cards. Establish a set of terms and conditions so that during an incident you get services how you need them and you get them fast.

Take advantage of our pre-packaged offerings or customize a retainer that provides your organization with exactly what you need.

Custom options are available that let you choose the SLA, pre-purchased time and global region in which your organization requires incident readiness and response.

Symantec is leveraging our capabilities to assist customers from pre-breach to post-breach, enabling you to improve your overall cyber security resiliency.

Feature Standard Enterprise Advanced Enterprise Custom
Specialized Service Management
Emerging Threat Reports
Remote Assistance SLA 12 hours 12 hours 12 hours 12 hours
Call Back SLA 3 hours 3 hours 3 hours 3 hours
Fly to Site Investigation SLA Priority Access 48 Hours In Transit 24 Hours InTransit 24 or 48 Hours In Transit
Pre-paid Fly to Site Incident Investigation 10 days 30 days 60 days 5-500 days
Discounted Pricing for Additional Responders
Ability to use Pre-Paid Time for IR Plan Assessment, IR Plan Development, Tabletop Exercises, Advanced Threat Hunting

Prepare Your Organization with Readiness Services

Bolster your organization’s readiness and ability to handle an incident with the following services provided by Symantec:

  • Incident Response Plan Assessment - Examine your current incident response plan across strategic, operational and tactical angles to identify where, if any, actual or potential gaps exist.
  • Incident Response Tabletop Exercises - Onsite testing and refinement of your response plan and process.
  • Advanced Threat Hunting - Proactive search across your network to uncover and eradicate the presence of compromises and threat activity previously unidentified in your environment.
  • Incident Readiness Assessment - Assessment of existing ability to respond and provide recommendations to reduce the time between incident detection and resolution.
  • Specialized Service Manager - Experienced service liaisons that are experts in your industry and will manage your incident from beginning to end.
  • Executive and Management Preparation - Executive engagements to achieve response objectives, facilitate PR activities, and communicate clearly during every step of the investigation.