Activity - Quite a lot, actually. This is really a summation and not comprehensive....

Welcome to Incremental Social! Learn more about this project here!
Check out lemmyverse to find more communities to join from here!

Orbituary , 17 days ago

Quite a lot, actually. This is really a summation and not comprehensive.

Evaluate an environment after incident:

looking for IOCs, determine spread

Determine backup status and restore if possible

Return environment to healthy state (AD restore, replication, networking, etc.,)

Lockdown of security holes

Advise on best practices going forward

Decrypt environment if client pays ransom

etc., etc.

Depending on the complexity of the environment, this can take a lot of time and effort: much bigger than most internal teams are capable of doing. A client I had in Feb-Mar lasted a total of 3200 hours of work between 12 people on my team across 34 locations to unfuck the situation.

Reply

Report

Activity

Open original URL

Copy original URL

Copy Mbin URL

Loading...

Federation

Status:

On | Off

Thread

jeffw

@jeffw@lemmy.world

Added: 18 days ago
Views: 8
Ratio: 0

Magazine

Technology

@technology@lemmy.world

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed