Background: In this section, we will discuss specific actions during evidence collection, log analysis, and recovery for situations where it is necessary to determine if unencrypted secrets or [...]
Background:
During incident response activities at the cluster level, we should not focus solely on pods created via kubectl that are managed by the Kubernetes control plane (kubelet and etcd). It is [...]
Background:
Sometimes, during incidents involving ransomware-related threat actors, the investigation into the recovery process can reveal solutions closer than you might think. It’s important to [...]