This is a dedicated watch page for a single video.
A large consulting firm has a hybrid cloud environment. They have a private cloud that they manage on their premises, and they use a large public cloud provider for some of their Platform and Software as a Service (PaaS and SaaS) needs. Their security operations center (SOC) has been processing a few high-priority indications of compromise (IoC) that appear to point to a live incident. For their response, what should they do?