Coalfire Partnership

Home / Partners / Coalfire Partnership

Cybersecurity that fuels success

How Arete & Coalfire work together

Together Coalfire and Arete offer End-to-End Incident Response (IR) capabilities, from planning through remediation.

Coalfire and Arete partner to provide customers with a complete and comprehensive set of Incident Response services through the IR lifecycle. Capabilities include IR program assessment and requirements analysis, proactive IR preparation and playbook development, and emergency hotline services. The partnership also provides customers with IR tabletop exercises for comprehensive event preparation, as well as incident triage, investigation and forensics, and breach containment/eradication services.

Experience addressing cyberattacks

Coalfire and Arete have more than 20 years of experience analyzing multiple types of cyberattacks, including:

  • Insider threats: The activities of former and current employees, contractors, or business associates who have inside information on the organization
  • Financial crime: Securities, credit card, and banking fraud at stock markets, payment organizations, and financial institutions
  • State-sponsored attacks: The crimes of trade secrets and other sensitive data across a wide range of industries
  • Destructive attacks: Attacks intended to cause the victim organization pain by making information or systems unrecoverable
  • Protected Health Information (PHI): Exposure of protected health care information
  • Personally Identifiable Information (PII): Exposure of information used to uniquely identify individuals

Our Offerings

Our team provides a broad set of Incident Response Services:

Specific Preparation Services include:

  • On-site or remote requirements analysis: Interview key stakeholders to assess the operational environment and determine any special requirements
  • Incident response plan development: Prepare for and respond to cybersecurity attacks more efficiently with a proven response plan
  • Annual or semi-annual status review and refresh: Review and identify any changes needing modification with the in-place incident response plan
  • Tabletop exercise: Hold a two-hour roleplaying session of likely attack scenarios and discuss the actions to be taken as part of the response plan

Incident Response Support includes:

  • Incident response hotline access: Access incident support related to a breach, available remotely (within one to four hours) or onsite (within 12 to 24 hours)
  • Incident triage: Organization and planning for cyber incident response activities, including assistance in identifying potentially compromised hosts
  • Incident investigation / forensics: Root cause identification of the cyber incident including memory and disk image forensic review
  • IR containment services: Identification and deployment of compromised host containment activities, including potential removal or segregation of compromised hosts from the environment
  • Eradication services: Removal of the malicious or unauthorized infections
  • Post-Incident Support includes: Remediation and Engineering Support: Guidance on best practice activities and technologies to reduce the likelihood of another cyber incident

Our unique value proposition

World-class expertise

  • Experience working hundreds of incident response cases, including some of the world’s largest and most complex
  • Incident-related communications, including malware reverse engineering to help resolve an incident, return to normal operations, and prevent recurring incidents


  • The trusted advisor to many law firms, federal government agencies, and public and private organizations

Faster, high-value results

  • Development and improvement of your program at every stage in the incident response lifecycle
  • Quick incident resolution, which lowers costs significantly and empowers executives to make the right business decisions
  • Technology-agnostic – leveraging your current technology investments to provide quick, effective support

One stop shop: preparation, incident response, remediation

  • Coordination, communication, and reporting on every aspect of incident response activity
  • Efficient support provided because we learn your environment during the preparation phase
  • A comprehensive report of the investigation with recommendations, including executive and board-level summaries of our findings

Reliable operations

  • Customer contact within 1 to 4 hours for remote assistance, and in as little as 12 to 24 hours for onsite assistance
  • Experts on standby 24×7 to help when you need it the most

Incident Response Retainer and Advisory Services

About Coalfire

Coalfire is the cybersecurity advisor that helps private and public-sector organizations avert threats, close gaps, and effectively manage risk. By providing independent and tailored advice, assessments, technical testing, and cyber engineering services, we help clients develop scalable programs that improve their security posture, achieve their business objectives, and fuel their continued success. Coalfire has been a cybersecurity thought leader for more than 16 years, and has offices throughout the United States and Europe.

For more information, visit