Enterprise Threat Encounters: Scenarios and Recommendations – Part 1

Many of the IT Professionals that contact our customer service and support group have common questions related to security incidents and are seeking guidance on how to mitigate threats from determined adversaries.  Given the level of interest in this information and common scenarios that exist amongst different organizations, we are publishing a multi-part series which will detail common security incidents organizations face and provide recommended mitigations based on guidance from our Security Support team. 

It is important to note that each phase has one or more technical and, more importantly, administrative controls that could have been used to block or slow down the attack. These mitigations are listed after each phase.  Each mitigation addresses specific behaviors and attack vectors that have been seen previously in multiple security incidents. Read more.