Vendor List

A preferred partner of cyber insurance carriers, Arctic Wolf Incident Response (formerly Tetra Defense) secures environments and collects forensic evidence in parallel to support faster recovery. It also offers round-the-clock monitoring for cyber threats.

With a particular focus on ransomware, Arete determines what options beyond paying ransom may exist for recovering data; leads ransom negotiations if necessary; and advises business about, helps deploy, and manages endpoint detection solutions to guard against future threats.

Blackpoint uses an integrated ecosystem of services centered on 24/7 managed threat detection and response. Its special focus is cloud security, and will act against malicious threats in real time on clients’ behalf.

CRA consultants focus on six aspects of cybersecurity: due diligence (pre- and post-acquisition threat assessments), IR (from initial forensics to post-incident reviews), Cyber Insurance claims (including settlements and expert testimony), strategic advisory services, software licensing compliance, and eDiscovery.

For an annual fee, Concierge provides 24/7/365 access to as-needed, pay-as-you-go services—including emergency response, risk assessment, and employee training—from third-party specialists at discounted rates. Membership sometimes covers Cyber Insurance policy exclusions.

Crowdstrike is a unified, cloud-native platform using proprietary AI to secure endpoints, workloads, data, and identity. Crowdstrike also offers simulations to train employees how to respond to sophisticated threat actors.

CyNet’s streamlined, natively automated end-to-end platform makes cyber security more affordable to more organizations. Its IR services use automated investigation, with dedicated project managers keeping in close contact. CyNet offers white label options for technology partners.

Cypfer supports technical, legal, social and HR breach responses for global insurance carriers, prominent law firms, and Fortune 1000 organizations. Their services include cyber attack and ransomware first response and recovery, advisory services, and digital executive protection.

CyRisk helps identify and fix vulnerable systems using continuous monitoring and zero-day exposure intelligence, before these gaps lead to losses. CyRisk’s rapid IR team conducts forensic analysis and implements risk mitigation going forward.

Kivu helps organizations contain and recover from cyber attacks using a unique, patented IR methodology. Kivu also conducts threat assessments and simulations as part of its advisory services, and actively monitors the web and dark web for clients’ data.

Kroll offers immediate, emergency IR assistance via a 24/7 hotline. Response services span the incident lifecycle, from IT forensics to litigation support. Other services include penetration testing, and credit and identity monitoring for individuals affected in breaches.

MDD can help determine what businesses must pay to repair or replace equipment damaged in a breach, and to secure their systems. MDD provides expert witnesses when incidents lead to litigation, and helps parties reach rapid, equitable settlements.

Moxfive streamlines the IR with a platform that offers a centralized view of project details and milestones, and an experienced Technical Advisor who can advise clients on the most efficient and cost-effective responses.

Mullen Coughlin represents organizations facing data privacy events and information security incidents. It also provides 24/7 crisis management services, security monitoring, and education on pre-breach federal and state regulatory compliance.

OnDefend offers proprietary solutions designed to help third-party cyber security providers scale their services. These white-label solutions include not only IR capabilities but also consultation through its “BlindSPOT” breach and attack simulations.

Pondurance clients pay for only services they need, which may include managed detection and response from 24/7, U.S.-based security centers; digital forensics and incident response; or advisory services on such issues as PCI and HIPAA compliance.

SecurityScorecard Cyber Resilience Services help organizations defend, respond, and scale cybersecurity and third-party risk management programs.

Their Cyber Resilience Services team brings 100+ years of collective experience in cybersecurity investigations across government and private sectors, with specialties in: Digital Forensics, Incident Response, Penetration Testing, Red Teaming, Tabletop Exercises, and Third-Party Risk Management.

SpearTip’s 24/7/365 Security Operations Center works in a continuous investigative cycle to provide breach investigation, IT remediation, decryption, and data mining (detecting data patterns to identify vulnerabilities and collect baseline indicators).

Focused on ransomware and business email compromise recovery, Tracepoint offers full-service IR, remediation and recovery solutions. Its monitoring and other active defense services reduce opportunities for threat actors to exploit.

A strategic advisor to CISOs around the world, Unit42 IR services stress rapid forensics and complete remediation, along with reporting that stands up in litigation. It offers 24/7 managed threat detection and response, and cyber correspondence services.