The case studies in this chapter examine various organizations that had formal incident response teams established by policies. The case studies examine how effective these teams were during a security breach.
An online forensic case study was published about a multibillion-dollar publicly traded company. The company is a leader in the IT infrastructure market. The company was not named in the article.
The problem: The company’s servers had been compromised to be the jumping-off point to attack a host of other companies.
The company was notified by another company of what was being attacked. The company’s administrator activated an IRT to assess the threat. ...