Incident Response Retainer
Reduce your incident response time and minimize breach
impact with FireEye Mandiant on speed dial
The Mandiant Incident Response Retainer
(IRR) gives your organization the ability to quickly identify
malicious activity and receive contextual intelligence on attacks —
enabling faster and more effective response to cyber incidents.
What are your business and security requirements?
Retainer agreements can be packaged in
different ways to match your needs. Consider these factors.
Budget. Confirm the number of prepaid hours and the hourly
rate for additional hours.
Unused hours. Ask what happens if you don’t use your prepaid
hours during the contract term.
Response Time. Get service level agreement (SLA) details for
remote and onsite consulting. 2 or 4 hour SLAs are available.
Terms. Confirm the length of retainer—most are 12 months—and
payment terms, such as whether you need to pay up-front.
Cyber insurance. Consider how your cyber insurance policy
reimburses for incident response (IR) expenses and ask your insurer
about lower premiums if you can show a proactive approach to cyber
The Incident Response Retainer also comes
standard with all Expertise
On Demand subscriptions.