Incident Response
We isolate the host, kill the processes, logoff and block users or IPs and much more.
You see an alert and confirm that a server has been compromised. You or the SOC team decide to isolate the host from the network and lock down the computer for forensic analysis
#HancoCyber #IncidentResponse #hanco