In the event of a security incident, our Rapid Response Force is available 24/7. 

Countering a cyber attack with the Fast Incident Response taskforce (FIR)

The Fast Incident Response taskforce (FIR), a pillar of our CERT, is a team of experts in incident response. It can be mobilized in the event of a cyber emergency. Its aim is to contain a cyber attack and limit the impact on the victim’s business.

Contact us


successful cyber attacks against public and private organizations in 2022.
Asterès – Le coût des cyberattaques réussies en France – juin 2023

Are you prepared for a cyber attack?

As soon as a cybersecurity incident is suspected, the Fast Incident Response’s consultants intervene, from identifying the impacted perimeter to implementing remediation solutions to limit the operational impact.

Over 45% of our interventions involve ransomware/malware, which can cause irreparable damages and impacts your production and brand image.

In addition to technical analysis, we also have the capacity to lead crisis management, intervene on the legal aspects and help you adopt the right posture in the event of a ransom demand.

By subscribing to this service, you are guaranteed rapid response and intervention times, helping you to understand and remedy what has happened, so that you can start again on a sound footing.

Limit the business impact of an attack and react quickly in the event of compromise

A 24/7 multidisciplinary team

Formind’s experts (incident managers, analysts, legal experts, crisis management, personal data protection – RGPD and communication consultants) can combine their skills to bring you the best response depending on the timing of the incident. Our 24/7 response capability is built around the diversity of our offices’ locations, enabling us to cover you based on the “Follow The Sun” approach and provide on-call coverage for weekends.

An on-point monitoring

The implementation of a monitoring tool is necessary to ensure that the attacker is still not present within the company’s information system. It also speeds up investigations for the FIR team and increases the level of protection.

Formind deploys an EDR/NDR platform in less than 3 days, then monitor it for 1 to 2 months, and guarantees that the threat will not stay hidden in your system.

Crisis management

Crisis management enables us to steer the evolution of an attack by :

  • Limiting the impact of the incident on the organization.
  • Organizing the return to work in the best possible conditions.
  • Helping you with legal and administrative procedures.

A variety of field feedbacks

The FIR Formind is, and has been, confronted with numerous attack scenarios (ransomware, phishing, viral propagation, president fraud, etc.), in both simple (information systems with few assets) and complex (decentralized information systems, few traces, etc.) environments. This extensive amount of feedback enables us to be more efficient: reduce incident handling time by a factor of 2.

Acquire the reflexes needed to respond appropriately: appease operational teams, go into crisis if necessary.

Clear, tailored offers

AS A RESCUE (without subscription)

  • Quick reply to your solicitation and start of the remediation.
  • Qualification and assessment of the situation to estimate the time required to a return to normal operations.
  • “Pay-as-you-go”
  • No availability guaranty

AS A SERVICE (subscription)

  • Answer guaranteed within 4 hours (business hours only)
  • Incident response is guaranteed to start within 1 day
  • A fixed number of days included, with the possibility of postponement or conversion if they were not used.
  • Inventory and audit of response capabilities.

AS A PREMIUM SERVICE (subscription)

  • 24/7 service
  • Answer guaranteed within 2-hour
  • The start of the incident response is guaranteed within 1 day
  • A fixed number of intervention days included, with the possibility of postponement or conversion if they were not used
  • Inventory and audit of response capabilities

Our customer references

Compromise of a sensitive mailbox resulted in several thousand phishing e-mails sent

  • Intervention: Forensic investigation to search the attack vector. Discovery of a malicious invoice worth several hundred thousand euros. Deployment of a Microsoft online protection system.
  • Result: Billing prevention, enhanced security and detection capabilities for their Microsoft tenant.

Understand how and where the denial of service that frequently disables the corporate site originates.

  • Intervention: Forensics and threat intelligence (ROSO/OSINT)
  • Result: Discovery and reporting of IPs belonging to a botnet, assistance with anti-DDoS/logging.

Analysis of the employee’s activities to ensure that administrative rights have not been illegally used

  • Intervention: data infiltration, e-mail espionage and use of infrastructure’s resources for unauthorized purposes…
  • Result: a detailed report of illegitimate actions carried out, with supporting evidence. Identification of configuration faults allowing access, and a list of recommendations to reinforce traceability and infrastructure security.


When should I call on the Rapid Response Force?

As soon as you have a doubt, give us a call. Our experts will discuss the nature of the incident with you.

Do I have to be a subscriber to use the FIR service?

No, you can call us at any time, you just don't get the best response guarantees. Just subscribe!

When does the FIR service end?

When returning to an acceptable safety condition.

Let's stay in touch

Our experts can provide you with ongoing support for your cyber issues. Do you have a question? You’ve come to the right place, and we’ll get back to you within 24 hours!

Contact us