Answer questions about your active incident. Get an assessment of whether the indicators suggest a targeted APT campaign, opportunistic cybercrime, or a less-sophisticated attacker. The classification significantly changes your incident response priorities.