The Powershell Payload Response playbook is designed to be used when file payload executions are detected from an endpoint machines Powershell and begins the remediation process.
Malware Lateral Movement Assessment and Response
- Version History
- Download With Dependencies
This playbook identifies and remediates malware's lateral movement impact due to a phishing campaign in an organization. This playbook takes the hosts and attachments with the phishing email and then 1. It scans at the endpoint on which the phishing link was clicked and takes action to resolve any C&C activity and 2. It retroactively scans the logging history to identify lateral movement and quartines or resolve the traffic communication from those hosts
|Created||February 17, 2021|
|Last Release||February 17, 2021|