GuardDuty reports an EC2 instance communicating with a known crypto-mining domain. What is the recommended first containment step?
GuardDuty reports an EC2 instance communicating with a known crypto-mining domain. What is the recommended first containment step?