PILLAR
Response SLA — measurable, not aspirational
Tier-1 response within 1 hour from customer declaration. Remote investigation immediately. On-site capability within 4 hours across Jakarta metro. Other regions assessed per engagement geography.
OXCULUS · INCIDENT RESPONSE RETAINER
Incident Response Retainer — pre-negotiated response under regulatory obligation.
OXCULUS IR Retainer is a pre-paid response contract that activates the moment a customer declares an incident. Tier-1 response within one hour. On-site capability within four hours across the Jakarta metropolitan area. Investigation, containment guidance, evidence preservation, and regulatory notification support — delivered with the same evidentiary discipline that governs the rest of the NOGTUS platform.
OXCULUS Incident Response Retainer adalah kontrak respon insiden pra-bayar yang aktif segera setelah pelanggan mendeklarasikan insiden. SLA respon Tier-1 dalam 1 jam, kemampuan on-site dalam 4 jam di area Jakarta metropolitan. Mendukung kewajiban regulasi POJK 11/2022 dan ketentuan respon insiden sektoral lainnya.
SERVICE PILLARS
What this service delivers, structurally.
PILLAR
Evidence Preservation
First-priority action upon engagement is forensically sound evidence preservation — packet capture continuity through NME, lifecycle state freeze through NIO, and chain-of-custody recording. Subsequent investigation operates on preserved evidence rather than fragmented runtime artifacts.
PILLAR
Regulatory Notification Support
POJK 11/2022 and sectoral incident-reporting frameworks impose tight regulatory disclosure windows. The retainer includes structured artifact production calibrated to regulator-facing reporting templates — not improvised under post-incident time pressure.
SERVICE INCLUSIONS
What you get, in commercial-package terms.
- Engagement model
- Pre-paid retainer hours; activated when customer declares incident
- Tier-1 response
- Within 1 hour of customer declaration
- On-site response
- Within 4 hours, Jakarta metro
- Scope
- Investigation, containment guidance, evidence preservation, regulatory notification
- Annual exercise
- Tabletop exercise + IR playbook customization
- Post-incident
- Structured incident report, lessons learned, remediation tracking
- Regulatory anchor
- POJK 11/2022, sectoral guidance
FIT ASSESSMENT
Who this service is for — and who it isn't.
Best fit for
- →Organizations with internal SOC capability but lacking deep IR expertise
- →Regulated organizations subject to mandatory incident-reporting windows (POJK 11/2022, BSSN sectoral)
- →Critical-infrastructure operators where incident frequency is low but blast radius is high
- →Organizations layering IR Retainer on top of existing NOGTUS deployment for surge capability
Not the right fit when
Organizations seeking continuous SOC operations as their primary delivery — those should evaluate Pro MDR or Enterprise MxDR, with IR Retainer activation included.
READY TO ENGAGE