Net Friends Stops an After Hours Breach

An employee's account was compromised, triggering a NetSafe® MDR alert for activity from an unknown endpoint. The attacker was actively using the VPN to access the client's internal server.


Challenges

  • Credential Theft
  • After-Hours Breach
  • Unknown Endpoint

Benefits

  • Zero-Damage Containment
  • Security Hardening
  • Response Protocol Validation

Executing the Response Playbook

Following a NetSafe MDR report, Net Friends IT Experts promptly initiated the standardized response playbook. Compromised accounts were immediately disabled, and targeted servers were isolated to contain the threat. Comprehensive system scans verified the complete removal of all malicious accounts and software. Once the threat was fully neutralized, services were safely restored by re-enabling access and removing affected servers from isolation.

  • Incident Identified: The team immediately confirmed an active security incident.
  • Containment: To halt the threat, Server AB was isolated from the rest of the network and the compromised employee account was locked out.
  • Investigation: Comprehensive system scans were then initiated to determine the full extent of the compromise, specifically looking for indicators like backdoors, newly created administrator accounts, or malicious software.
  • Security Remediation: Once the systems were confirmed clean and the threat mitigated, the employee's account password was changed, and Server AB was safely returned to the network.
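The detection that opened this incident, a VPN session from an endpoint not registered to the user and outside business hours, and the first two playbook steps (identify, contain) can be sketched as a small triage routine. The following is an added example written for this page, not Net Friends' or NetSafe's code; the log format, the endpoint inventory, the business-hours window and the server name in the sample lines are constructed assumptions.

```python
"""Added example: triage VPN/access events against a known-endpoint inventory
and a business-hours window, then map hits to the containment steps above."""
from datetime import datetime, time

# Constructed endpoint inventory (hypothetical): user -> devices registered to them.
KNOWN_ENDPOINTS = {
    "jdoe": {"LAPTOP-0471"},
    "asmith": {"LAPTOP-0120"},
}

# Business window assumed for the example: Monday-Friday, 08:00-18:00 local time.
BUSINESS_START, BUSINESS_END = time(8, 0), time(18, 0)

# Constructed sample log (not from the page). Fields:
#   timestamp user device src_ip action [target_server]
# 2024-03-08 is a Friday, 2024-03-09 a Saturday.
SAMPLE_LOG = """\
2024-03-08T09:02:11 asmith LAPTOP-0120 198.51.100.7 vpn_connect
2024-03-09T22:14:03 jdoe WS-UNREG-77 203.0.113.45 vpn_connect
2024-03-09T22:15:10 jdoe WS-UNREG-77 203.0.113.45 server_access AB
2024-03-08T20:30:00 asmith LAPTOP-0120 198.51.100.7 vpn_connect
"""


def parse_line(line):
    """Split one log line into a dict; target_server is None when absent."""
    parts = line.split()
    if len(parts) < 5:
        raise ValueError(f"malformed log line: {line!r}")
    return {
        "ts": datetime.fromisoformat(parts[0]),
        "user": parts[1],
        "device": parts[2],
        "src_ip": parts[3],
        "action": parts[4],
        "target_server": parts[5] if len(parts) > 5 else None,
    }


def is_after_hours(ts):
    """True on weekends or outside the business window."""
    if ts.weekday() >= 5:  # Saturday=5, Sunday=6
        return True
    return not (BUSINESS_START <= ts.time() < BUSINESS_END)


def evaluate(event, known_endpoints):
    """Return the reasons this event needs analyst attention (empty list if none)."""
    reasons = []
    if event["device"] not in known_endpoints.get(event["user"], set()):
        reasons.append("unknown_endpoint")
    if is_after_hours(event["ts"]):
        reasons.append("after_hours")
    return reasons


def playbook_actions(event, reasons):
    """Map findings to the containment steps in the playbook: lock the account,
    isolate the server the session touched."""
    actions = []
    if "unknown_endpoint" in reasons:
        actions.append(f"lock_account:{event['user']}")
        if event["target_server"]:
            actions.append(f"isolate_server:{event['target_server']}")
    return actions


def triage(log_text, known_endpoints=KNOWN_ENDPOINTS):
    """Run every log line through the checks and return one alert record per hit.
    Unknown endpoint is rated high; after-hours alone is rated medium for review."""
    alerts = []
    for line in log_text.strip().splitlines():
        event = parse_line(line)
        reasons = evaluate(event, known_endpoints)
        if not reasons:
            continue
        alerts.append({
            "user": event["user"],
            "device": event["device"],
            "severity": "high" if "unknown_endpoint" in reasons else "medium",
            "reasons": reasons,
            "actions": playbook_actions(event, reasons),
        })
    return alerts


if __name__ == "__main__":
    for alert in triage(SAMPLE_LOG):
        print(alert)
```

On the sample log the Friday-morning session from a registered laptop is silent, the Saturday-night session from an unregistered device fires as high and carries both containment actions once it touches server AB, and the Friday-evening session from a known device is only queued for review. The same split is what lets an on-call team act on the high alert immediately while the medium ones wait for the debrief.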

Containing the Breach

The Net Friends on-call team immediately executed the standard incident response playbook, rapidly containing the breach by disabling the account and isolating the server before major damage could occur.

The Monday debrief confirmed the successful containment but highlighted the difficulty in tracing the root cause without an obvious phishing attempt, emphasizing the critical need for users to report suspicious links or emails.

To prevent future incidents, the team recommended a series of security enhancements: implementing MFA, disabling the public VPN login page, auditing service accounts, enforcing a lockout policy, and migrating the on-prem server to SharePoint. This quick response became the catalyst for a crucial security upgrade.

Endpoint Support
24x7 monitoring services by our in-house Network Operations Center. Standard software packages deployed to all workstations for antivirus, antimalware, anti-ransomware, patching, inventory management, and monitoring services.
Remote Endpoint Management
With MEM, remote workers are some of the biggest winners, because they can easily access IT support where they are located. Reduce support costs, raise morale, and increase productivity for remote staff.
Rapid Response
Superior MDR service is defined by speed of response: the longer an attacker has access to your systems, the more havoc they can cause. Cloud-based machine learning allows NetSafe to identify attack patterns and prevent an attack from expanding beyond the first infection.
24x7 Monitoring
Cyber attackers don’t sleep. But they know when you do. They know when companies will have reduced staff or slower response times, and they will capitalize on your most vulnerable hours. Mondays are bad enough without discovering that an attacker has been in your systems all weekend. NetSafe ensures that you can respond effectively during these unsuspecting moments.
Experienced Analysts
As great as our suite of detection tools is, you need the added threat hunting and analysis that only a team of seasoned security analysts can bring. Our mature SOC team has 4 separate escalation tiers, with each tier bringing significant real-world experience chasing down Indicators of Compromise (IoCs) and atypical events.
Unmatched Threat Protection
With nearly 120 distinct sources of threat intel, our security analysts and detection systems can find and stop even the most novel cybersecurity attacks. We use both broad and tailored threat intel, delivering high business value and vastly increasing the likelihood that we will be the first to discover and disrupt unique attempts to hack into your systems.
