top of page
I'm Under Attack!
​If you detected a security incident or breach, please gather all relevant information available about the incident. It is for our incident response team to plug in and start responding quickly. Examples of valuable information:
​
-
Date and time of first detection/indication?
-
What malicious activity was already seen or already known?
-
How many endpoints are compromised?
-
What user accounts are known to have been compromised?
-
Was company data exfiltrated or leaked?
-
Were any core systems impacted?
-
What security controls are deployed? (AV/EDR, FW, etc.)
-
What actions were taken against the incident?
PreCySec Incident Response Team:
IR@precysec.com
You can always reach us here as well:
info@precysec.com
Feel Free to Use the Below Example Email:
Hi PreCySec IR Team,
I am the IT manager at [Company Name], we have experienced a security breach where one of our admin users was compromised and used to access sensitive emails and information. The first indication of suspicious activity was seen on [day]\[month]\[year], [time] when our CFO noticed an odd invoice sent to him from one of our employees. The user account password was reset, though we are still concerned about the actual extent of the breach.
Our on-premises environment is small, with ___ computers, ___ servers and a Microsoft 365 subscription (Business Standard). Employee endpoints are protected using [Vendor Name] AV/EDR.
Your assistance is needed.
Thank you,
[Name]
bottom of page