- Phase I – Clean Environment: Creating a clean virtual environment using free and available hardware without disturbing the existing investigation and forensics.
- Phase II – Backup & Recovery: Veeam’s patented backup solution helped restore critical VMs, apps, services, NAS, and local storage. Other areas could be restored using Commvault solutions focusing on disaster and file recovery.
- Phase III – Reinstating Active Directory: Multiple AD services, including AD Domain, AD certificate, AD network policy and AD Connect Sync had to be restored from the ground up.
- Phase IV – Security Hardening: Extended Detection & Response (XDR) techniques had to be implemented using stricter rules and fine-grained monitoring. We used AI-supported Cortex XDR solutions to detect vulnerable devices and monitor incidents using an easy-to-use dashboard.
Check out our Success Story to see how Swiss IT Security AG prevented the spread to other sites and helped resume operations in a few days.