RS.AN-08:

RS.AN-08:

An incident's magnitude is estimated and validated

Implementation Examples

Ex1:

Review other potential targets of the incident to search for indicators of compromise and evidence of persistence

Ex2:

Automatically run tools on targets to look for indicators of compromise and evidence of persistence