What steps should we take after a 0 day that has been exploited within our infrastructure?
Isolation? Patches? Data protection policies, etc.?
Depends on the 0 day, depends on how long ago this happened, depends on how critical the location of the breach is, depends on how patched/protected the rest of the system is.
The response can be anything from disconnecting and reformatting a single computer to recreating the entire organisation from scratch.