Information that should not be disclosed:
1. Sensitive information related to company operations, Firewall, WAF, SIEM, AV, EDR, Proxy.
2. Plans for deployment and internal programs.
3. Transfer of sensitive information to affected parties.
4. Activities relating to security incidents:a. Identification of affected systems.b. Attack vectors and affected applications.c. Containment of the incident and affected critical applications.d. Analysis of the incident for lessons learned.
5. Details of the incident externally or publicly.
6. Disabling networks or critical infrastructure
.7. Policies related to information handling and coordination with internal teams.
8. Information security and communications for business continuity and legal obligations.
9. Contact and coordination with regulators and relevant authorities in case of serious incidents
10. Access the server using the specified IP address.
11. The existing contrac...