Delivery flow
- Access collection: registrar/DNS, hosting, WP admin, and MFA where possible.
- Evidence capture + forensic sweep across files, DB, cron, and auth logs.
- Remediation: remove payloads, backdoors, rogue admins, and patch/update stack.
- Hardening: WAF rules, MFA, least-privilege, disable code exec in uploads, backups.
- Search recovery: sitemaps, reindex requests, and post-incident documentation.
Why teams pick the SLA
- Guaranteed kickoff window with owner-led command.
- White-label updates for agencies—your brand stays front and center.
- Changelog + rollback points for your dev/ops team.
- 5-year hack prevention guarantee keeps recurrence risk low.
BlackOut Dominicana
Boutique hospitality brand
Stabilized in a single window
Critical SLA engagement: malware and redirects cleared, rankings restored, and 24/7 monitoring deployed within 48 hours.
View the full case study
Intouch Property UK
UK property & personal brand
Rebuilt and monitored
Post-incident SLA: rebuild with automated backups, hardened stack, and an on-call runbook for future escalations.
Read the rebuild storyFAQ
SLA questions we get
Use these answers to align stakeholders before approving an SLA.
What response windows do you offer?
Standard is 2–4 hours to kickoff. For critical commerce sites, we can agree on a faster window with pre-shared access.
Can you stay invisible to our clients?
Yes. We operate under your brand with white-label notes and never contact your clients directly.
Is there a guarantee?
Yes—a 5-year hack prevention guarantee. If the same infection returns, we fix it free.
Next step
Lock in your SLA window
Tell us your response target and access details. We’ll confirm coverage and be on standby.