Offensive and defensive security
- Understanding every phase of an incident and responding appropriately.
- Noticing suspicious traffic patterns and identifying indicators of compromise.
- Rapidly shutting down any form of compromise.
- Identifying the red team/threat actors’ command and control (C&C or C2) servers and blocking their connectivity to the target.
- Undertaking analysis and forensic testing on the different operating systems their organisation’s runs, including use of third-party systems.