You are responding to a security breach at a company where attackers have targeted web applications. According to the practices advised in the OWASP Testing Guide, which of the following would be the best initial step to ensure you've secured the necessary data for a thorough analysis of the application vulnerabilities exploited in the attack?
Securing and analyzing the web server logs
Performing an exhaustive code review on the current web applications
Immediately reviewing all account integrity for signs of compromise
Examining user behavior patterns for anomalies in application usage