Information that should not be disclosed:

1. Sensitive information related to company operations, Firewall, WAF, SIEM, AV, EDR, Proxy.

2. Plans for deployment and internal programs.

3. Transfer of sensitive information to affected parties.

4. Activities relating to security incidents:a. Identification of affected systems.b. Attack vectors and affected applications.c. Containment of the incident and affected critical applications.d. Analysis of the incident for lessons learned.

5. Details of the incident externally or publicly.

6. Disabling networks or critical infrastructure

.7. Policies related to information handling and coordination with internal teams.

8. Information security and communications for business continuity and legal obligations.

9. Contact and coordination with regulators and relevant authorities in case of serious incidents

10. Access the server using the specified IP address.

11. The existing contracts must be evaluated with clear and explicit confirmation from the legal departments, after reviewing the requirements and the relevant technical documentation.

12. Identified issues must be addressed according to the inspection reports.

13. The plan must be reviewed and updated if necessary to ensure it aligns with current operational requirements.

14. All necessary steps, approvals, and security measures must be implemented for the protection and smooth operation of the targeted systems.

15. The installations were equipped with monitoring devices for cameras and sensors, IDS/IPS monitoring, file protection, inspection of ports and connections, and other security measures.