The project: Incident response to a zero-day vulnerability
While our team was searching for the latest vulnerabilities, we discovered a new one that affected our customer’s systems and involved credential theft.
Benefits
- Immediate response to a new threat
- Upgraded customer security
- Protection against a recent vulnerability
Solution
First, we performed research to find out which customers were affected the most. Then we had to make them aware of this new threat and discuss the measures that needed to be taken.
During our investigation, we had to find out how this vulnerability works in order to understand what had to be done to secure the customer. The only solution was to create the appropriate rules in our SIEM. The investigation then turned towards the new rules we had to create for SIEM and EDR.
The rule set was completed within the timeframe and tested to protect against this new threat. Afterwards the customer was informed, and we both kept the issue under monitoring over the following weeks.
The customer was satisfied with the solution we provided and the immediate response of our team.