Playbook of the Week: Malware Investigation and Response
When I worked at a managed security service provider (MSSP) a few years ago, I shadowed an L1 analyst who was in the middle of researching an endpoint detection and response (EDR) alert received from a client’s environment.