Triage
Perform initial assessment to determine the scope, severity, and nature of the incident. Classify alerts, validate indicators of compromise, assign severity ratings, and establish whether a full incident response engagement is warranted. Prioritize affected assets and identify the preliminary attack vector.
Bound the Investigation Timeframe
P1 Timeframe Bounding
30 min
Identify Patient Zero (First Compromised System)
P1 Patient Zero
60 min
Analyze Ransom Note and Variant Identification
P1 Ransom Note Analysis
45 min
Analyze Suspicious Email for BEC Indicators
P1 BEC Email Analysis
45 min
Phishing Email Triage and Indicator Extraction
P1 Phishing Triage
30 min
Validate the Initial Access Vector
P2 Access Validation
45 min