Remediating malware infections and identity compromises, conducting investigations for legal, and engaging with employees on threat remediation take up the bulk of this category. Once an infection or compromise is found, IOCs are obtained and used to hunt across the environment for other infections or evidence of lateral movement. IOCs come in many forms: hashes, contacted IP addresses, registry edits, mailbox rule creations, etc.

  • Malware/Suspicious Software Analysis
  • Malware Remediation
  • Malware IOC Generation and Hunting
  • Identity Compromise Remediation
  • General Fire-Fighting