Ransomware resources:
If a ransomware incident occurs at your organization, the FBI, CISA and NSA recommend the following actions:
- Follow the Ransomware Response Checklist on p. 11 of the CISA-Multi-State Information Sharing and Analysis Center (MS-ISAC) Joint Ransomware Guide.
- Scan your backups. If possible, scan your backup data with an antivirus program to check that it is free of malware.
- Report incidents immediately to CISA at https://us-cert.cisa.gov/report, a local FBI Field Office, or U.S. Secret Service Field Office.
- Apply incident response best practices found in the joint advisory from Australia, Canada, New Zealand, the United Kingdom, and the United States on Technical Approaches to Uncovering and Remediating Malicious Activity.
Training resources:
- Azure Sentinel Learning Path: Microsoft recently finalized the full set of Learn modules including - Introduction to Azure Sentinel, Deploy Azure Sentinel and connect data sources, Threat detection with Azure Sentinel analytics and Security incident management in Azure Sentinel.
- Azure Network Security Ninja Training
- Azure Security Center Ninja Training
- Azure Sentinel Ninja Training
- Microsoft 365 Defender Ninja Training
- Microsoft Cloud App Security Ninja Training
- Microsoft Defender for Endpoint Ninja Training
- Microsoft Defender for Identity Ninja Training
- Microsoft Defender for Office 365 Ninja Training
Additional cybersecurity resources