Conversation
We've noticed some concerning activity and would like the SOC team to investigate urgently.
Subject: Ransomware behaviour alert on WS-LAP-011 — please investigate
Please provide an initial assessment as soon as possible. Our IT team is standing by to assist with any containment actions needed.
Good news — our analysis confirms this is a true positive. We've implemented the containment measures and will send a full incident summary within 24 hours.
We've applied the patch on our end. Can you run a verification scan?