{"id":41272,"date":"2021-06-09T16:00:20","date_gmt":"2021-06-09T16:00:20","guid":{"rendered":"https:\/\/www.microsoft.com\/security\/blog\/?p=93756"},"modified":"2021-06-09T16:00:20","modified_gmt":"2021-06-09T16:00:20","slug":"crsp-the-emergency-team-fighting-cyber-attacks-beside-customers","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\/","title":{"rendered":"CRSP: The emergency team fighting cyber attacks beside customers"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2021\/06\/SEC20_Security_034.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<h2>What is CRSP?<\/h2>\n<p>Microsoft Global Compromise Recovery Security Practice.<\/p>\n<h2>Who is CRSP?<\/h2>\n<p>We are a worldwide team of cybersecurity experts operating in most countries, across all organizations (public and private), with deep expertise to secure an environment post-security breach and to help you prevent a breach in the first place.<\/p>\n<p>As a specialist team within the wider Microsoft cybersecurity functions, we predominantly focus on reactive security projects for our customers. The main types of projects we undertake are:<\/p>\n<ul>\n<li>Compromise recovery: Giving customers back control of their environment after a compromise.<\/li>\n<li>Rapid ransomware recovery: Restore business-critical applications and limit ransomware impact.<\/li>\n<li>Advanced threat hunting: Proactively hunt for the presence of advanced threat actors within an environment.<\/li>\n<\/ul>\n<p>In addition to our reactive work due to our technical expertise and experience, we are sometimes engaged to work proactively with high-profile customers to help keep them safe no matter who or what the adversary.<\/p>\n<p>Compromise recovery is the process by which we remove the nefarious attacker control from an environment and tactically increase security posture within a set period of time. Compromise recovery takes place post-security breach. This remedial activity often follows an investigation from our <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2019\/03\/25\/dart-the-microsoft-cybersecurity-team-we-hope-you-never-meet\/\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft DART<\/a> colleagues or other third-party forensic incident response experts. We incorporate these findings into the recovery efforts and work to make your environment as secure as we can, with the aim for you to take back control.<\/p>\n<p>Rapid ransomware recovery is where an organization has been targeted by <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2020\/04\/28\/ransomware-groups-continue-to-target-healthcare-critical-services-heres-how-to-reduce-risk\/\" target=\"_blank\" rel=\"noopener noreferrer\">advanced ransomware<\/a>, which is usually human-operated and targeted to specific organizations. We assist in bringing back operation-critical business systems, such as Azure Active Directory, and work hard to limit exposure of ransomware across an environment. These projects are usually very time-sensitive and require a great number of efforts to contain the attack.<\/p>\n<p>With advanced threat hunting, we bring expertise in Microsoft security tooling into an environment to actively hunt for advanced threat actors\u2014advanced persistent threats (APTs) and determined human adversaries. We can work within a customer\u2019s existing security processes to help improve internal security capabilities and trust. As part of this, we deliver our findings and provide practical and real advice on how to further enhance your security, as well as suggest if additional tactical steps may be required.<\/p>\n<p>Historically we have kept our existence quiet, and our activities were only published internally at Microsoft. Given that we are seeing more and more <a href=\"https:\/\/blogs.microsoft.com\/on-the-issues\/2021\/03\/02\/new-nation-state-cyberattacks\/\" target=\"_blank\" rel=\"noopener noreferrer\">cybersecurity incidents<\/a>, we thought it was time to publicly let the world know where we fit into the Microsoft security story.<\/p>\n<p>We are flexible in our approach to helping customers. Traveling and being away from home for extended periods and working in high-pressure situations with high-profile issues is normal and frequent for a CRSP cybersecurity professional. We are also practiced and efficient at delivering these engagements entirely remotely.<\/p>\n<p>CRSP is the team that takes back control.<\/p>\n<h2>How do we help customers?<\/h2>\n<p>At Microsoft, we advocate that everyone maintain an \u201c<a href=\"https:\/\/download.microsoft.com\/download\/4\/6\/8\/4680DFC2-7D56-460F-AD41-612F1A131A26\/Microsoft_Cyber_Defense_Operations_Center_strategy_brief_EN_US.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">assume breach<\/a>\u201d mindset. Unfortunately for the customers we work with, we know there has been a breach and often see the worst that attackers can do.<\/p>\n<p>In the last year, we have dealt with issues from crypto-malware making an entire environment unavailable to a nation-state attacker maintaining covert administrative persistence in an environment. We help customers take back control. At all times, we work with customers to restore legitimate control and secure trust in their computing environment by removing, mitigating, and reducing the risks.<\/p>\n<p>Our scope is often to secure the assets which matter the most to organizations, such as Azure Active Directory, Exchange, and certificate authorities, whose loss leads to the highest impacts and therefore have the highest risks.<\/p>\n<p>Part of our work is to deeply analyze your existing environment and identity where activity is required. This investigation is helpful as it helps you understand your assets in a way you may have never had the opportunity to do so previously.<\/p>\n<p>Bringing back control of these high-value assets is our aim. By taking a tactical approach we implement secure and sustainable changes that minimize exposure, thereby reducing the risk of any follow-up attacks and thoroughly removing any illegitimate control and hardening systems. We do this within a specific timeframe in mind which is usually measured in weeks. For a more urgent crisis, we have operated in hours.<\/p>\n<p>We see sustainability in maintaining control as a key part of our role. This control not only removes the attacker but reduces the risk of follow-up attacks, so therefore it must be possible to maintain. We provide deep technical expertise to make your environment more secure. An additional benefit of working with CRSP is that we often leave our customers with a true security administration mindset.<\/p>\n<p>Based on helping so many customers, we understand what works well to secure an environment and what doesn\u2019t. Some things may be important but not strictly necessary for you to take back control. That isn\u2019t to say that these things are not important in improving security, because they often are, but when it comes to tactical and swift actions, they may not be vital. As part of medium and longer-term planning, we help you identify these options correctly and build a plan to enable you to further continue your security journey.<\/p>\n<p>Although we bring with us a team who are experts in their own specialties, we never work alone. We work with our wider Microsoft colleagues and sometimes our partners and third parties to identify additional vulnerabilities and security incidents. We assist you and your security team in making sure they can help maintain your security once we leave.<\/p>\n<p>Usually, our services are engaged through the regular customer services and support route or via your Microsoft account management team.<\/p>\n<p>We hope you should never need our services. But if you do, know you are in safe hands.<\/p>\n<h3>Secure admin path<\/h3>\n<p>We have documented many times that most adversaries will go after your Azure Active Directory and your administrators because they know these will give them the best opportunity for having full control. <a href=\"https:\/\/docs.microsoft.com\/en-us\/security\/compass\/overview\" target=\"_blank\" rel=\"noopener noreferrer\">Securing your administrative path<\/a> will make it much harder for adversaries to take over.<\/p>\n<p>Administrative workstations, credential hygiene, and implementing the tier model will help a great deal. Additionally, having security and administrative functions working together is something we encourage our customers to do.<\/p>\n<h3>Hardening<\/h3>\n<p>Turn off unused services, implement host-based firewalls, run network-level encryption, remove unused software, keep software up to date, remove unused accounts, check certificate stores, and remember to do the same for any hypervisors or storage networks. You should reduce interdependent control and adopt in-depth defense with <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/zero-trust\" target=\"_blank\" rel=\"noopener noreferrer\">Zero Trust<\/a>.<\/p>\n<p>Patching cycles should be measured in hours and not weeks. Your business-critical applications should not be running on obsolete software, hardware, or firmware. Exploits and zero-days are bought in \u201cthe wild\u201d within hours\u2014sometimes even minutes, so it is essential to do the patching as quickly as possible. With this approach, you are limiting the attack surface significantly.<\/p>\n<h3>Insights and monitoring<\/h3>\n<p>Understand what is normal in your environment and what isn\u2019t. You can only do this with good monitoring and comprehensive baselines.<\/p>\n<p>Know that monitoring isn\u2019t just looking at traditional security incidents but looking at spotting exposure to your admin path. Monitor the performance of your systems and make sure they are logging correctly. Make sure that people who are looking at this data understand the difference between normal and not normal. These processes may not always be in your security operations, so it is key that you add this. Using AI can greatly improve your visibility in what should be normal user behavior, by creating alerts around these behaviors (with automatic mitigations) you can have a head start in protecting your infrastructure and related components.<\/p>\n<p>React quickly and efficiently to anything that is not normal or suspected bad.<\/p>\n<h3>Overall conclusion<\/h3>\n<p>In the end, cybersecurity is mostly about the mindset that needs to be <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2018\/10\/18\/ciso-series-building-a-security-minded-culture-starts-with-talking-to-business-managers\/\" target=\"_blank\" rel=\"noopener noreferrer\">adopted, embraced, and supported by everyone<\/a> in an organization. You can lock all the doors, install an alarm, and put CCTV in place, but unless everyone remembers to lock the door and turn the alarm on you won\u2019t be very secure.<\/p>\n<h2>Learn more<\/h2>\n<p>To learn more about Microsoft Security solutions, <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/solutions\" target=\"_blank\" rel=\"noopener noreferrer\">visit our&nbsp;website<\/a>. Bookmark the&nbsp;<a href=\"https:\/\/www.microsoft.com\/security\/blog\/\" target=\"_blank\" rel=\"noopener noreferrer\">Security blog<\/a>&nbsp;to keep up with our expert coverage on security matters. Also, follow us at&nbsp;<a href=\"https:\/\/twitter.com\/@MSFTSecurity\" target=\"_blank\" rel=\"noopener noreferrer\">@MSFTSecurity<\/a>&nbsp;for the latest news and updates on cybersecurity.<\/p>\n<p> READ MORE <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2021\/06\/09\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CRSP is a worldwide team of cybersecurity experts operating in most countries, across all organizations, with deep expertise to secure an environment post-security breach and to help you prevent a breach in the first place.<br \/>\nThe post CRSP: The emergency team fighting cyber attacks beside customers appeared first on Microsoft Security. READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":41273,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[276],"tags":[347],"class_list":["post-41272","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-secure","tag-cybersecurity"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CRSP: The emergency team fighting cyber attacks beside customers 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CRSP: The emergency team fighting cyber attacks beside customers 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-06-09T16:00:20+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/06\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"800\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"CRSP: The emergency team fighting cyber attacks beside customers\",\"datePublished\":\"2021-06-09T16:00:20+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\\\/\"},\"wordCount\":1410,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/06\\\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers.jpg\",\"keywords\":[\"Cybersecurity\"],\"articleSection\":[\"Microsoft Secure\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\\\/\",\"name\":\"CRSP: The emergency team fighting cyber attacks beside customers 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/06\\\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers.jpg\",\"datePublished\":\"2021-06-09T16:00:20+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/06\\\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/06\\\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers.jpg\",\"width\":1200,\"height\":800},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cybersecurity\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/cybersecurity\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"CRSP: The emergency team fighting cyber attacks beside customers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CRSP: The emergency team fighting cyber attacks beside customers 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\/","og_locale":"en_US","og_type":"article","og_title":"CRSP: The emergency team fighting cyber attacks beside customers 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-06-09T16:00:20+00:00","og_image":[{"width":1200,"height":800,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/06\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"CRSP: The emergency team fighting cyber attacks beside customers","datePublished":"2021-06-09T16:00:20+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\/"},"wordCount":1410,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/06\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers.jpg","keywords":["Cybersecurity"],"articleSection":["Microsoft Secure"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\/","url":"https:\/\/www.threatshub.org\/blog\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\/","name":"CRSP: The emergency team fighting cyber attacks beside customers 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/06\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers.jpg","datePublished":"2021-06-09T16:00:20+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/06\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/06\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers.jpg","width":1200,"height":800},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/crsp-the-emergency-team-fighting-cyber-attacks-beside-customers\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Cybersecurity","item":"https:\/\/www.threatshub.org\/blog\/tag\/cybersecurity\/"},{"@type":"ListItem","position":3,"name":"CRSP: The emergency team fighting cyber attacks beside customers"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/41272","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=41272"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/41272\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/41273"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=41272"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=41272"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=41272"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}