Analysis
Conduct deep-dive forensic analysis across collected evidence to reconstruct the full attack timeline, identify the root cause, determine the extent of compromise, and map adversary tactics, techniques, and procedures to the MITRE ATT&CK framework. Correlate indicators across data sources and assess the impact on business-critical systems and data.
Lateral Movement Analysis and Mapping (P1, Lateral Movement, 120 min)
Map Exfiltration Channels (HTTP, DNS, Cloud Sync) (P1, Exfil Channels, 90 min)
Determine Encryption Scope and Affected Systems (P1, Encryption Scope, 90 min)
Detect and Analyze Web Shells on Compromised Servers (P1, Web Shell Detection, 90 min)
Analyze Evidence of Credential Dumping Techniques (P1, Credential Dumping, 90 min)
Phishing Campaign Scope and Credential Exposure (P1, Phishing Campaign Analysis, 90 min)
Identify Data Staging and Compression Activity (P2, Data Staging, 60 min)
Detect OAuth and Consent Phishing Abuse (P2, OAuth Abuse, 60 min)
Investigate Mailbox Rule Modifications (P2, Inbox Rules, 45 min)