It was a Wednesday afternoon at Souvla in Hayes Valley, and Tracy Kelpman, the lead engineer, was in the middle of a root cause analysis of a complex Microsoft 365 security incident.
She was using ThreatKey, a powerful security analysis tool, to try to determine what had happened and how to prevent it from happening again.
The incident had occurred the night before, and it had been a doozy. A malicious hacker had managed to gain access to the company's email system and had sent out hundreds of spam emails to everyone in the company's address book.
The spam emails had been blocked by Microsoft's built-in security measures, but the damage had been done.
Tracy quickly identified the source of the attack and tracked the hacker's movements through the email system.
She also saw that the hacker had gained access to the company's CRM system and had exported a list of all the company's customers.
Fortunately, the hacker had not been able to access any sensitive data, but the incident was still a serious one. Tracy used ThreatKey to identify the weakness that the hacker had exploited and recommended a fix to the company's IT team.