# IR Responsibilities

#### **Incident Response: Your Partner in Resolution, Not Just Detection**

As a core component of our SIEM/SOC service, every plan includes a minimum of **4 hours of dedicated Incident Response** and **unlimited ad-hoc support** for confirmed security incidents. This is our commitment to you: when a breach occurs, the CybrHawk team assumes full responsibility and accountability for guiding you from chaos to complete resolution.

**Our End-to-End Responsibility**

We don't just alert you and step away. We own the outcome.

* **Breach Identification & Analysis:** We determine the scope and root cause of the incident.
* **Threat Hunting & Eradication:** We proactively hunt across your environment to ensure no other assets are compromised and that all traces of the threat actor are removed.
* **Containment & Isolation:** We execute immediate containment strategies, including network isolation of affected assets if required, to prevent further damage.
* **Forensic Assurance & Closure:** We provide a complete forensic report with evidence of the breach and its eradication, giving you confidence that the incident is fully resolved.

**The CybrHawk Advantage: Built-In "Pre-Crime" Forensics**

Because our SIEM platform acts as a continuous recorder, a breach is often **captured in our logs even if it was not initially detected**. This unique capability allows us to perform a full forensic investigation, providing a clear timeline and understanding of the attack that other providers cannot match.

To ensure a swift and effective response, our roles are clearly defined:

| CybrHawk SOC Team is Responsible For:                                                                                                                                                                                                 | Your IT Team is Responsible For:                                                                                                                                                              |
| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| <p>✅ Leading the incident response investigation.<br>✅ 24/7 threat hunting and eradication.<br>✅ Providing expert advice on remediation.<br>✅ Validating remediation actions.<br>✅ Delivering a full forensic report and closure.</p> | <p>✅ Applying remediation steps (e.g. changes).<br>✅ Rebuilding or restoring affected systems.<br>✅ Implementing recommended security uplift.<br>✅ Managing internal stakeholders' comms.</p> |

**Your Single Point of Accountability**

There is no need to engage expensive external digital forensics and incident response (DFIR) consultants. We are your single, fully accountable partner, equipped to manage the entire lifecycle of a security incident from start to finish.

Our goal is not just to find threats, but to ensure they are completely eliminated and your business is secured against future attacks.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://cybrhawksoc.gitbook.io/cybrhawk-docs/security-operations/incident-response/ir-responsibilities.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.