Solution Categories
Community Directory
Compare solutions
Benchmark my program
Kroll Cyber Risk
Kroll Cyber Risk provides structured support for managing and mitigating cyber incidents. It integrates forensic analysis and strategic guidance to help organizations understand and respond to threats effectively.
Why these ratings?
Cyberse perspective
Summary by Cyberse
Microsoft Sentinel may be considered a good fit for you due to its powerful capabilities.
Here’s a few tips on how to maximize its capabilities:
We use the following criteria to rate this product’s functionality:
Cost considerations
Kroll charges a premium retainer and bills extra for deeper forensics, reverse-engineering, and onsite travel, so total costs rise fast. Hourly rates are premium and not fully detailed in advance, leaving budget owners guessing at the final spend. This pricing structure makes the value hard to gauge compared with more transparent, mid-priced incident-response competitors.
Capabiliities
Kroll provides 24/7 worldwide responders who image affected systems and reverse-engineer malware, brings internal legal and crisis-communications advisors to manage disclosure, and supplies step-by-step remediation guidance, placing its incident-response offering among the most complete in the market.
Team expertise
Kroll’s responders average over 10 years in incident work and many previously served with the FBI, Secret Service, or intelligence agencies. Most senior staff hold GCFA, GREM, and CISSP credentials and guide a limited number of juniors. The combination of deep certification coverage and frontline law-enforcement experience places the team at the upper end of the market.
Tools & methodology
Kroll’s responders use documented MITRE-aligned playbooks and a proprietary endpoint collector alongside commercial EDR tools for remote evidence capture and guided containment. Automated scripts and dashboards track dwell time, scope, and remediation progress for clients. These capabilities exceed basic runbooks but stop short of the full SOAR orchestration and live KPI boards offered by the most automated rivals.
Company reputation
Global investigation firm Kroll is routinely hired for ransomware and data-theft investigations and is listed by many cyber-insurance panels, with no public mishandling incidents. Analysts and trade press note steady revenue growth and acquisitions that strengthen its incident-response brand, though Kroll is absent from the latest Forrester Wave leaders. The lack of legal controversies or high client churn indicates a strong, but not top-tier, reputation.