Incident Handling & Response
CUTTING-EDGE technologies and top cyber experts to effectively manage security incidents

An integrated knowledge base to dynamically measure IT risks
Reaction to accidents led by AI

Incident Handling & Response Solutions

Leonardo offers solutions for the monitoring, analysis and containment of security incidents, through decision support systems based on Artificial Intelligence and the skills of highly qualified experts in the analysis and management of cyber attacks, operating in our Computer Security Incident Response Team (CSIRT). 

AI to support strategic decisions

AI Decision Support System

operates in the decision-making and remediation process related to a cyber threat that could potentially damage a critical infrastructure at technological and organisational level.

  • Prioritization & escalation

Security Operators monitor the infrastructure to be protected, focusing on high risk threats. At the same time, potentially damaging cyber security events are evaluated by threat intelligence analysts and the company management.

  • Action & resolution

Through the use of operational suggestions provided by the system, intervention decisions are turned into detailed business and technological remediation actions, and implemented to ensure operational continuity of the organisation under attack.

Innovative Technologies

Leonardo AI Decision Support System is based on state-of-the-art technologies exploiting correlation of data and information sources, traditionally processed separately, to dynamically measure the impact of cyber threats and to provide decision support.

  • Dynamic risk calculation

The system automatically and dynamically quantifies threat effect on the organisation assigning a “scorecard” to each configured entity. This is done according to the specific characteristics of the infrastructure to be protected, using machine learning and clustering algorithms.

  • AI Operational Suggestions

For each scorecard, the system automatically generates operational suggestions containing a proposal for intervention actions, relying on artificial intelligence technologies to learn from past experiences and propose solutions appropriate for the current situation.

Top Experts’ Continuous Support

Our Incident Handling & Response solutions are based on highly specialized skills and investigation experiences developed in specific cyber defence domains.

  • Intelligence operation Center

Leonardo's IoC analysts intervene to deepen the anomalies reported by the decision support system, corresponding to high risk levels, evaluating the potential dangerous cybernetic event in relation to the open sources information.

  • Computer Security Incident Response Team

Once the incident has occurred, our CSIRT supports security operators, monitoring the infrastructure under attack, through malware analysis, software remediation and support for ex-post investigation activities.    


Cyber & Digital Solutions
For any further information about our products and solutions
Contact Us
There are no results.