Unraveling the incident | The Huntress SOC paints a clear picture
The Huntress SOC quickly collaborated with Key Methods, providing clarity within hours. Detailed logs revealed the timeline of events and exactly where the attackers had been.
“Thanks to Managed SIEM, we had critical information fast,” said Paquette. “We reviewed the logs and immediately recognized the severity of the issue, allowing us to involve IR and legal teams quickly”
With Managed SIEM’s robust logging capabilities, Key Methods easily exported accurate, reliable data to the IR firm. “There was no question about the quality or authenticity of the logs,” Paquette noted. This significantly accelerated the investigation and led to a crucial finding: no data had been exfiltrated.
“Smaller MSPs like us usually don’t have a SOC,” Paquette explained. “With breaches in the past, we had to bring in an external team, install their tools, and wait for results. This time around, Managed SIEM handled it all. We told the SOC what we needed, ran a quick query, and immediately got clear answers like, ‘No, that executable wasn’t run anywhere else in the organization.’”
With vital insight, Key Methods swiftly shifted their focus to recovery. By isolating affected systems on day one, they could begin restoration efforts right away.