AMS partners with you to restore systems to normal operation, confirm that the systems are functioning normally, and (as applicable) remediate vulnerabilities to prevent similar incidents.
Consider the following:
-
Are the affected system(s) patched and hardened against the recent attack and possible future attacks?
-
What day and time is feasible to restore the affected systems back into production?
-
What tools will you use to test, monitor, and verify that the systems that you restore to production aren't vulnerable to the initial attack techniques?
