Prepare before contact
- Company name and primary contact
- Website URL and any related domains involved
- What you are seeing and when it started
- Whether the issue is still active right now
- Critical systems affected and any containment already attempted
Dulles CyberActive incident
Use this path when a site, domain, or related system is failing now.
If your website is defaced, redirecting somewhere strange, locked out, sending suspicious traffic, or tied to a broader email or account problem, start here.
Commercial expectations
- Active incidents are scoped separately from routine website-care work
- Emergency work may be handled outside normal business hours when needed
- There is usually a minimum engagement size for live response
- You will get a clear commercial conversation before response work expands
Emergency intake
Email incident@dullescyber.com with the subject line Active Incident and include the facts above. If the issue is not active right now, start with a standard review or website-care conversation instead, or use the request-help intake form.
What happens next
Set expectations before the first response conversation.
1. Triage
Confirm what is happening, what systems matter, and whether the issue is active right now.
2. Containment guidance
Prioritize the actions that reduce ongoing harm without destroying the information needed to understand what happened.
3. Recovery direction
Work toward a stable state, identify likely follow-on cleanup and hardening work, and decide whether the current platform should be repaired or replaced.