@JimSycurity @horse @cirriustech @alyssam_infosec @SwiftOnSecurity Tay did a thread on it that detailed the basics. 1) Patch your perimeter. You’ve got to know what will be exploited first. 2) Back up important stuff 3) Maintain good AV practices on all endpoints. 4) Patch everything inside 5) call it a day and come back tomorrow to do it all over again. If you’ve found everything you can uncover - follow #trimarc security hardening guides for AD, ESX, and AxureAD/M365. Fantastic resources. https://www.hub.trimarcsecurity.com/