In a complex world of deeply integrated technologies, providing security to customers is a complex
and resource-intensive endeavor. As part of our commitment to keeping customers safe, we often
complement our security stack offerings with managed detection and response, threat hunting and
constant monitoring of customer infrastructure. The Cyber-Threat Intelligence Lab keeps a close eye on
alerts and EDR reports coming from infrastructure, helping owners and maintainers navigate the early
stages of compromise.
This is the case of an incident we worked on with a technology partner in the United States of America.
We were able to identify a complex kill-chain and monitor the attack though various stages to assess
the extent of the breach and help the customer regain control of the network.