CERT incident response for a municipality

Confidential

Context & objectives

CERT on-call response triggered by an anomalous connection on the information system (IS): containment, forensic investigation, and a post-incident audit of the Active Directory and network configuration (details confidential).

Outcomes

Forensic report delivered and IS hardened (network, Active Directory, etc.).