Unit 42 IR Services a Strong Performer in the Forrester Wave™

Apr 04, 2022
3 minutes

This post is also available in: 日本語 (Japanese)

“Palo Alto Networks is in the IR game now…”

The Forrester Wave™: Cybersecurity Incident Response Services, Q1 2022


We’re excited to announce Palo Alto Networks is recognized as one of the cybersecurity incident response providers “that matter most” and named a Strong Performer for its Unit 42 offering in The Forrester Wave™: Cybersecurity Incident Response Services, Q1 2022. This marks the first time that Unit 42 has been included in an incident response analyst report and the first time Palo Alto Networks has been included in a cybersecurity services report. We believe this recognition validates our threat-informed approach to incident response and our accelerated growth in this market.

Forrester used a 24-criterion evaluation to research, analyze and score the 13 most significant incident response providers. Unit 42 is among these IR providers that are characterized by “significant mindshare with Forrester clients,” that “acted as lead investigator in 100+ incident response engagements in the past 12 months” and that “participated in cyber insurance carrier panels or referrals.”

Unit 42 received the highest possible score in the Cloud Environments criterion, as well as in the Execution Roadmap and Technology criteria. We received on-par scores in the criteria of IR Retainer Structure, Incident Preparation, Incident Simulation, Incident Response, Recovery, Ecosystem Collaboration, Industrial Control System Environments, Response Leadership and Team Structure, Technical Investigator Expertise, IR Talent Management, Metrics, and Contribution to Cybersecurity Industry.

Forrester recommends that customers should look for a cybersecurity incident response service provider that can:

  • “Prepare you for the worst and keep you insured in the process…
  • Truly understand the legal and regulatory landscape…[and]
  • Support the long tail of incident response.”



The Palo Alto Networks Unit 42 Approach to Incident Response Services

We believe that these recommendations align 100% with the approach Unit 42 takes to partnering with our clients. Less than a year ago, we combined the forces of our world-renowned threat intelligence team with the elite team of incident responders and cybersecurity risk consultants who joined the company as part of the Crypsis acquisition in late 2020. Together, the new Unit 42 serves as an approved incident response provider for over 70 cyber insurance panels and is a preferred partner to over 150 global law firms.

As part of Palo Alto Networks, Unit 42 utilizes the company’s leading technology to serve as a trusted advisor to help organizations around the world assess and test security controls against credible threats, transform their security strategy and program through the adoption of a threat-informed approach, and respond to any cyber incidents that do occur, effectively and in record time, no matter what the impacted environment might be.

Specifically, the Forrester report notes, “Palo Alto Networks’ strategic use of its ASM vendor Xpanse acquisition adds greater visibility to incident preparedness, investigations, and containment efforts… Additionally, Unit 42 utilizes Palo Alto Networks’ Prisma Cloud, Cortex XDR, and Xpanse attack surface management solutions to offer comprehensive cloud incident response.”

Unit 42 is deeply committed to innovating across our incident response and cyber risk management services. We continue to further invest in local talent, facilities and industry communities, as we expand geographically to serve as the strategic cybersecurity partner of choice to CISOs around the globe.

Contact Us

If you are experiencing an active breach or think you may have been impacted by a cybersecurity incident, contact Unit 42 to connect with a team member. The Unit 42 incident response team is available 24/7/365. If you have cyber insurance or legal counsel, you can request Unit 42 by name. You can also take preventative steps by requesting a Proactive Assessment and putting our team on speed dial with a Unit 42 Retainer.

Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.