Microsoft Incident Response
Your first call before, during, and after a cybersecurity incident.
Announcing the Microsoft Incident Response Retainer
The Microsoft Incident Response Retainer is now generally available. This service provides prepaid blocks of hours for highly specialized incident response services before, during, and after a cybersecurity crisis.
Intelligence-driven incident response
Strengthen your security with an end-to-end portfolio of proactive and reactive incident response services.
Rely upon global incident response all day, every day, with options for onsite and remote assistance.
Take advantage of the depth and breadth of Microsoft Threat Intelligence and unique access to product engineering.
Benefit from longstanding Microsoft partnerships with government agencies and global security organizations.
Dedicated experts work with you before, during, and after a cybersecurity incident.
Proactive incident response services
Receive a point-in-time, deep analysis of your environment, including proactive investigation for persistent threats and security risks.
Reactive incident response services
Get global investigation and guidance—all day, every day—to help evaluate incident scope, contain attacks, and restore critical systems, with options for onsite and remote.
Remove attacker control from an environment, regain administrative control after a cybersecurity incident, and tactically harden high-impact controls to help prevent future incidents.
Incident Response Retainer
Retain Microsoft expertise to respond and recover fast
Get peace of mind with the Incident Response Retainer, which provides flexible prepaid hours to help you prepare for and respond to cybersecurity attacks.
Experiencing a cybersecurity attack?
If you’re an enterprise, government, nonprofit, or education customer—new or existing—Microsoft can help evict bad actors from your environment and repair your defenses.
Learn how Microsoft Incident Response helped secure Albania
Dive into this story and panel discussion about the nation-state sponsored attack on Albania and how Incident Response helped evict them and build back the country’s defenses.
Microsoft Security best practices
Get clear, actionable guidance for security-related decisions.
The Cyberattack Series
Go behind the scenes for an inside look at real-life cyberattack investigations in The Cyberattack Series.
Microsoft Security Experts Roundtable
Discover new vulnerabilities and learn from industry experts about critical security issues.
Get incident response services from experts
Let Microsoft Incident Response help before, during, and after a cybersecurity incident by removing bad actors, building resilience, and mending your defenses. Contact your Microsoft account executive to learn more.