Incident Response Services

Mossé Security offers rapid and thorough incident response services to clients facing security intrusions. Through in-depth digital forensics and reverse engineering analysis, we help clients recover from significant security breaches. Call or email us today to learn more about this vital response service.


Mossé Security offers three tiers of Rapid Incident Response Services tailored specifically to the size and industry of your organisation. Upon being retained, we rapidly increase the speed of your intrusion response while training your IT team on best security practices to handle future intrusions as well.

Our capabilities include:

  • Digital Forensics
  • Incident Management
  • Malware Analysis
  • Code Deobfuscation
  • Threat Intelligence
  • Security and risk Assessments

Since 2010, Mossé Security has responded to hundreds of security incidents all over Australia (Melbourne, Sydney, Canberra, Brisbane, and Perth). This scope and experience make us uniquely qualified to be of service to the NSW government.

Download the brochure >

Threat Actors

Amongst the types of threat actors Mossé Security has experience responding to include:

  • Ransomware and traditional malware
  • File-less remote access trojans (RATs)
  • Malicious insiders and accidents caused by the IT team
  • Persistent attackers that use the client’s own insecure configuration of its IT infrastructure to maintain long-term network access and evade detection

Australian Threat Intelligence

Mossé Security tracks numerous threat actors targeting Australian organisations. From time to time, we publish threat reports:

Incident Response Plan and Methodology

The following diagram shows Mossé Security's workflow when responding to major cyber incidents:

Mossé Security's workflow when responding to a major cyber attack. This diagram demonstrates our incident response plan and methodology.

Click on the diagram to open a larger version.

Key Achievements

  • Via our Institute, our team trains other top CERT/CSIRT/DCO teams in Australia. For example, the Australian Defence Force engaged us to prepare operators part of the Cyber Protection Teams (CPT) for deployment in the field against nation-state threat actors targeting Australian key cyber terrain
  • We helped several enterprise customers contain and recover from ransomware attacks where the adversaries had obtained domain administrator privileges and launched the malware from SCCM. In all cases, our Team was capable in identifying the vectors of entry, upgrade the network into a defendable state, remove the adversaries from the network and assist our customers recover from backups
  • Our Company tracks multiple threat actors targeting Australian organisation. Most notable is the CRIME OSCAR gang that targets companies in the energy and utility sector. We assisted a customer respond to a major breach where CRIME OSCAR almost stole 2.1 million dollars from them. Our Team was able to prevent the adversary from achieving their mission, we identified the employees that had their machines compromised, removed the adversary from the network and deployed security upgrades across the production network to prevent future attacks

Our Certifications

Our team undertakes 2,000+ hours of pre-deployment training per year. Here are some of the certifications we hold and maintain:

Free Project Consultation, Scoping and Quote

Call us on 1300 730 035 or submit the form below
Mossé Security's team of cybersecurity experts are ready to deliver cybersecurity professional services to your organsiation.