Prepare for cyber attacks

Be Ready Before
The Incident Occurs

Our retainer services ensure our expert incident response team is just a call away from your teams during active incident. When a security incident has been escalated in your environment, Comodo will get on the call, investigate the incident, and remediate with no delays, so you can get back to normal business operations as quickly as possible.

After receiving a call from you, Our expert incident response team will perform following:
  • Identify the source of the attack
  • Find the root cause
  • Key event map of the incident
  • Manage and reduce the impact
  • Post Incident Planning

Our first actions will be preventing the spread of malware and quickly restoring systems and networks. Once Incident Contained and
Eradication completed. We will also perform an in-depth forensic analysis to uncover every detail of an incident.

The analyses and techniques
leveraged by our experts include:

Infection vector RCA for infection vectors
exfiltration Exfiltration & breach determination
intelligence driven hunting Intelligence-driven hunting


malware analysis reversing Malware analysis reversing
containment incident Containment of the Incident
eradication adversaries Eradication of adversaries


Incident Response Retainer Services

Managed Detection Response
Proceeds Incident Response

During Post Incident Planning our team will guide you for our unique Managed Detection Response services with Comodo's patent pending Kernel API Virtualization (Containment) technology so that we will continuously monitor & protect your endpoints, networks, assets so that you won’t need Incident Response anymore.

We will detect and eliminate any further threats to your organization before even attack harms you

Leverage OpenEDR to Save

Get No-Cost IR Retainer Services with OpenEDR

You don’t want to pay an Incident Response Retainer again? Comodo uniquely offers a no cost IR retainer 24/7/365 providing on demand Incident Response and Digital Forensic Services.

This tier provides agreed-to terms for incident response. With no upfront cost to you, a locked-in rate is established, giving your team direct access to our experts when they are needed the most. Download our Retainer Agreement, Sign and Upload here: That is as easy as it sounds. By this you will also get OpenEDR (openedr.com) OpenEDR is a full Next Gen EDR. comes with Cloud Management Portal It is one of the most sophisticated, effective EDR code base in the world and is Free!

In the event of a breach, our consultants respond with guaranteed response time SLA 1 day and availability is guaranteed with no cost.

open edr

Need Stricter IR SLA?

Comodo provides the best Value IR Retainer services even more strict SLA’s than everyone else. Down to 30 min mean response time 24/7/365 IR Service, Our expert forensic analysts, incident responders, and threat hunters will help organizations respond and successfully recover from security incidents.

Comodo IR Retainer Services Tier 0 : On Demand Tier 1 Tier 2 Tier 3 Tier 4 Tier 5 Tier 6
Online/Phone Support 24/7/365 24/7/365 24/7/365 24/7/365 24/7/365 24/7/365 24/7/365
IR on Demand Yes Yes Yes Yes Yes Yes Yes
Guaranteed Response Time (remote) 24 h 4 hours 2 hours 1 hour 1 hour 1 hour 1 hour
Mean Response Time (remote) 8 h 2 hours 1 hours 30 min 30 min 30 min 30 min
Response Time (on-site) 4 days 2 days 2 days 2 day 1 day 1 day 1 day
Hours of Work Included On Demand 40 80 110 160 240 480
Hourly Rate without Dragon Platform $399 $370 $350 $325 $315 $310 $305
Commitment No Commitment $14,800 $28,000 $35,750 $50,400 $74,400 $146,400
Are you existing Comodo customer? Already using Dragon Platform or considering it. We have much more discounts to offer.
Comodo IR Retainer Services Tier 0 : On Demand Tier 1 Tier 2 Tier 3 Tier 4 Tier 5 Tier 6
Online/Phone Support 24/7/365 24/7/365 24/7/365 24/7/365 24/7/365 24/7/365 24/7/365
IR on Demand Yes Yes Yes Yes Yes Yes Yes
Guaranteed Response Time (remote) 24 h 4 hours 2 hours 1 hour 1 hour 1 hour 1 hour
Mean Response Time (remote) 8 h 2 hours 1 hours 30 min 30 min 30 min 30 min
Response Time (on-site) 4 days 2 days 2 days 2 day 1 day 1 day 1 day
Hours of Work Included On Demand 40 80 110 160 240 480
Hourly Rate with Dragon $350 $325 $300 $295 $285 $275 $250
Commitment No Commitment $13,000 $24,000 $32,450 $45,600 $66,000 $120,000
Compare us with Crowdstrike IR Retainer service? We have best value and the best effective service.
Comodo vs Crowdstrike Online/Phone Support IR on Demand Guaranteed Response Time (remote) Mean Response Time (remote) Response Time (on-site) Hours of Work Included Commitment
Comodo Crowdstrike Comodo Crowdstrike Comodo Crowdstrike Comodo Crowdstrike Comodo Crowdstrike Comodo Crowdstrike Comodo Crowdstrike
No Commitment Plans 24/7/365 N/A Yes N/A 24 h N/A 8 h N/A 4 days N/A On Demand N/A No Commitment N/A
Tier 3 24/7/365 24/7/365 Yes Yes 1 hour 8 hours 30 min N/A 1 day 2 day 110 110 $32,450 $49,500
Tier 4 24/7/365 24/7/365 Yes Yes 1 hour 6 hours 30 min N/A 1 day 2 day 160 160 $45,600 $68,000
Tier 5 24/7/365 24/7/365 Yes Yes 1 hour 4 hours 30 min N/A 1 day 1 day 240 240 $66,000 $94,800
Tier 6 24/7/365 24/7/365 Yes Yes 1 hour 2 hours 30 min N/A 1 day 1 day 480 480 $120,000 $184,800
Act Now with Incident Response Services

Under Attack or Experiencing
Signs of a Ransomware Breach?

We can help you quickly respond to an incident, uncover full scope of attacker activities, develop a recovery plan and execute it with you.

We have full team of expert malware analysts, forensic analysts, incident responders, threat hunters, threat intelligence experts have decades of expertise helping many organizations to recover from security incidents, respond any ongoing attack, remediate security posture.

Cryptolocker, cryptowall, locky, petya, reveton, teslacrypt, wannacry, Dharma, Wallet, RYUK we are expert on Ransomware Threat Response Services: including preparedness, negotiating payment, recovery, remediation, root cause analysis, cyber insurance claims, post incident analysis. With our IR services, you can be assured that no matter the security incident we will minimize your risk and exposure as much as possible.