This type of exercise is characterized by using different entry vectors, such as zero-day vulnerabilities or phishing attacks against specific employees of an organization, among others. The process of accelerating detection and response layers against an APT involves the execution of the following sequence of activities for the best integration of the offensive techniques of an APT in the defensive layers:Ī particular approach to compromise using APTsĪn APT compromise involves a targeted and highly specialized attack against an organization designed to maintain continuous access over time. How resilient is an organization to a targeted APT, and are the defensive layers sufficiently optimized to respond to such a sophisticated attack?ĪPT Resilience Enhancement brings together offensive capabilities, such as those that could be performed by Red Team services, with the defensive capabilities that a Threat Hunting team could suggest, helping not only to answer the above questions but also to accelerate and optimize defensive capabilities in terms of detection, containment and response. A general approach to accelerating APT defensive capabilities The risk of an APT in enterprises lies in the identification difficulty, which can allow it to persist for a long period on corporate systems, enabling APT operators to perform malicious actions against an organization’s interests.
Advanced Bank Infrastructures Security Assessment.
Technologies and Operating Systems Hardening.
0 kommentar(er)
