Black Ghost Corp
🚨 Active incident? Reach out now:contato@bgcorp.com.br

When an attack happens,
every hour counts.

Black Ghost Corp offers incident response with activation in under 2 hours. Containment before damage becomes catastrophe. Full forensics. Documented recovery.

Activate now β†’Book preventive call
01 / WHEN TO ACTIVATE

Six signals that you need us now.

πŸ”

Ransomware

Encrypted systems. Ransom message. Operations halted.

πŸ“§

BEC β€” Compromised Email

Corporate email account compromised. Payments redirected. Employees receiving suspicious internal messages.

πŸ“‚

Data Exfiltration

Suspected data leak. Files accessed without authorization. DLP alert triggered.

⚠️

Anomalous Behavior

Unusual network traffic. Logins at suspicious hours. Unknown processes running.

🌐

Defacement or DDoS

Website defaced. Services unavailable. Application responding incorrectly.

πŸ”‘

Compromised Credentials

Privileged account password leaked. Unauthorized access detected. SIEM alert.

02 / OUR RESPONSE PHASES

From activation to recovery.

0–2hPHASE 01

Identification and triage

We assess the situation in real time. We identify the threat type, affected surface and urgency. Immediate guidance for your IT team while our team mobilizes.

2–12hPHASE 02

Containment

We isolate compromised systems to prevent spread. We preserve evidence for forensic analysis. We block identified attacker access vectors.

12–72hPHASE 03

Forensic investigation

We investigate how the attack occurred, the entry vector, how long the attacker was in the network, what data was accessed or exfiltrated, and the true extent of the compromise.

parallelPHASE 04

Eradication

We remove all attacker presence: malware, backdoors, created accounts, configuration changes, persistence in registries or scheduled tasks.

post-eradicationPHASE 05

Recovery

We restore systems from clean backups. We validate environment integrity before reconnecting to the production network.

final deliveryPHASE 06

Report and lessons learned

Complete forensic report (essential for compliance, cyber insurance and legal proceedings). Root causes and improvement plan.

03 / PROACTIVE PREPARATION

Don't wait for an attack to figure out what to do.

We develop custom Incident Response Plans (IRP) for your company β€” before you need them.

β†’

Specific playbooks by incident type (ransomware, BEC, data breach)

β†’

Decision tree and escalation matrix

β†’

Communication templates (for clients, press, regulators)

β†’

Tabletop simulations (crisis exercises)

β†’

Annual review and update

Request IRP proposal β†’
04 / WHAT WE DON'T DO

Clarity before any engagement.

βœ—

Recommend ransom payment without full technical analysis β€” criminals don't honor agreements

βœ—

Promise full recovery when backups are compromised β€” honesty before hope

βœ—

Work without NDA and documented authorization β€” mutual protection is non-negotiable

βœ—

Guarantee attacks won't recur without a structured improvement plan

05 / ACTIVATION

If it's happening now, don't waste time.

We respond to emergencies 24 hours a day, 7 days a week. Initial response time: under 2 hours.

WHATSAPP+55 (31) 98267-9033
EMAILcontato@bgcorp.com.br
PROACTIVE PLANNINGBook preventive IRP β†’