Incident Response
When There’s a Fire, Every Second Counts – We Won’t Leave You in the Lurch in the Event of Ransomware, Hacker Attacks, or Similar Incidents

Your Cybersecurity Contingency Plan

In many areas of our lives, we have a plan ready for the worst-case scenario. For example, emergency exits in buildings, a first aid kit in the car, or the emergency twenty dollars in our pocket. Why should cybersecurity be any different? We analyze how well you are protected against cybersecurity incidents, develop an effective emergency plan if required to ensure the correct incident response or, in the sense of an IT fire department, rectify the emergency situation together with you. You will receive customized service packages and incident response training to prepare you for an emergency – just like us. You can reach our incident response team 24/7/365.

Our experienced specialists (CSIRT) provide you with professional support in the event of ransomware and other hacker attacks. On request, we will coordinate all involved parties and assist teams in this challenging situation, regardless of whether an IT team, crisis team, management team, or the board of directors. In terms of prevention, we will test the effective and timely response of your security team using use cases and exercise scenarios for different target groups (e.g. IT department, IT security team, or CSIRT) and train your employees in dealing with cybersecurity incidents. Oneconsult is your cyber fire department, so that you can concentrate on your daily business again.

  • Experienced first responder team
  • Certified DFIR experts
  • Customized SLAs (including 24/7/365 agreements)
  • Response and prevention
  • Practical solutions
  • Proven methods
  • Short reaction time
  • Discretion guaranteed
  • Communication at the appropriate level
  • Reliable partner of companies and authorities

React Appropriately to Ransomware, Hacker Attacks, and Similar Incidents with the OC CSIRT

The techniques used in incident response include:

  • Identification and isolation of infected or compromised systems
  • Determination of the cause and/or gateway of infection
  • Development of short-term measures to contain the incident quickly and effectively
  • Creation of an action plan to address the incident and prevent future incidents
Incident Response

After completion of the assignment, you will receive a final report tailored to the target group, which includes the following information:

  • Management summary
  • Initial situation
  • Procedure
  • Insights
  • Recommended measures to be taken

Optionally, the incident and the findings are explained and discussed in detail during the final meeting.

Want to find out more? We would be happy to answer your questions. You can find out how to reach  us here.

Confirmed by our statistics

Every day, companies around the world rely on our expertise. This is confirmed by our statistics in addition to our long-standing customers.


Incident Response


SMEs accompanied


Large-scale operations


We break into your company. You determine the question to be answered: Can I be hacked (red teaming) or will my team react correctly (blue teaming)? Or should the focus be on the interaction of offense and defense together with our ethical hackers (purple teaming)?

Systematic testing of your assets: Whether application, cloud, control or production system (ICS: SCADA/DCS), security system, aircraft, power plant, or train. We love the challenge and hack anything that is networked.

Your fire department for cybersecurity incidents. When there’s a fire, every second counts. Our computer security incident response team (CSIRT) provides competent support in correctly responding to ransomware, hacker attacks, and the like, and coordinates all involved agencies on request. Oneconsult extinguishes every cyber fire with you, so that you can concentrate on your daily business again.

Your fire investigators for digital incidents. After a security incident, our IT forensic experts systematically search for digital traces in a way that is suitable for court and clarify questions about how and why the incident occurred.

Your cybersecurity hub for security novices and professionals. Experienced trainers impart their expertise for people and companies that make the world safer – cutting-edge, practical, and oriented toward the target group. Increase the security awareness of your employees, achieve difficult certifications, develop secure software, or become an ethical hacker together with the Oneconsult Security Academy.

Don’t miss anything! Subscribe to our free newsletter.

Your security is our top priority – our specialists provide you with professional support.

Availability Monday to Friday 8:00 a.m. – 12:00 p.m. and 1:00 p.m. – 5:00 p.m (exception: customers with SLA – please call the 24/7 IRFA emergency number).

Private individuals please contact your trusted IT service provider or the local police station.

For more information about our DFIR services here:

Add CSIRT to contacts