About this software
A prepaid retainer for remote incident response services delivered by Kaspersky’s incident response team, billed as a block of hours and valid for one year. The European edition provides access to remote expertise for investigation, containment, and remediation activities under a single contracted engagement.
Intended for organisations seeking predictable access to external incident responders and preallocated response capacity during the contract period.
Purchase
Kaspersky Incident Response
In Stock
Delivery: 1 working day
Loading...
€292.50
Free and without obligation
Do you need more information or looking for another license?
Benefits
- Prepaid response hours: Provides a block of remote incident response hours for planned access.
- Remote delivery only: Incident response delivered remotely by Kaspersky specialists without on-site visits.
- One-year validity: Hours are available to use during a one-year contract term.
- European edition availability: Offered specifically as a European edition to align with regional delivery requirements.
- Access to incident experts: Connects organisations with Kaspersky incident response personnel for investigations.
Available languages
- English
- German
- French
Support information
- Contract term: The retainer is issued for a one-year contractual period.
- Delivery method: All incident response services are provided remotely under this offering.
- Regional edition: This listing refers to the European edition of the retainer offering.
- Hour blocks: The product is sold as a block of predefined response hours to be consumed.
- Engagement scope: Workscope and use of hours are governed by the retainer agreement terms.
Frequently asked questions
What is Kaspersky Incident Response used for?
A solution designed to help organizations detect, investigate, and respond to cybersecurity incidents by collecting and analyzing endpoint and network data to support containment and remediation decisions.
How does it help with incident investigations?
Provides analysis tools and timelines to correlate events, identify likely root causes, and prioritize affected systems for follow-up actions and remediation planning.
What data sources does it use for detection and analysis?
Typically leverages endpoint telemetry, process and file activity, and available network and log data to build a consolidated view of an incident.
Can it integrate with existing security tools and workflows?
Supports integration with security operations workflows, enabling export of findings, alerts, and artifacts to SIEMs, ticketing systems, or automation tools where supported.