Keepnet Labs Logo
Keepnet Labs > brochures > incident-responder

Incident Responder Brochure

Incidents of email-based attack are reported by end-users (using our plugin technology), SOC team members and 3rd party IOC feeds to the Keepnet Incident Response Platform (IRP).

Once received, the IRP analyses the header, body and attachments using our proprietary technology in addition to a number of integrated, best-in-class services for Anti-Spam, URL Reputation, Anti-Virus, Malware Sandboxing etc.

Keepnet will also integrate and automate other threat analysis services you may have, such as Fireeye, Bluecoat or Palo Alto, saving you time and reducing your technical dependency. It is a simple process to create custom rules, playbooks and workflow to ensure Keepnet IRP responds to threats in ways that suit your specific policies.

On completion of the analysis, Keepnet IRP delivers detailed results, with industry-leading certainty, to the SOC team for further investigation and response.


A unique feature and major benefit of Keepnet IRP is all investigation is done directly on the user’s inbox instead of at the server exchange, giving you maximum agility and reducing response time.

After finding all instances of an attack Keepnet IRP offers a suite of response options. Malicious messages can be flagged with a warning in the user’s inbox, they can be deleted from the inbox or Keepnet can call a custom API to perform another action e.g. call the user’s phone.

Additionally, Keepnet IRP will generate SNORT and YARA alarm signatures to update your other cyber-security technologies.

Incident Responder Brochure



Download Brochure

Schedule your 30-minute demo now

You'll learn how to:
tickAutomate behaviour-based security awareness training for employees to identify and report threats: phishing, vishing, smishing, quishing, MFA phishing, callback phishing!
tickAutomate phishing analysis by 187x and remove threats from inboxes 48x faster.
tickUse our AI-driven human-centric platform with Autopilot and Self-driving features to efficiently manage human cyber risks.
iso 27017 certificate
iso 27018 certificate
iso 27001 certificate
ukas 20382 certificate
Cylon certificate
Crown certificate
Gartner certificate
Tech Nation certificate