Advanced Persistent Threat (APT) Groups
Anatomy of Attacks
1. Need to know what to detect
2. Go through the whole attack cycle
3. Extract what is needed, not an optional "Add-on"
WHAT are TTPs?
MITRE ATT&CK Framework
Automatic Detection
Possible in
Persistence
Lateral Movement
Collection
Command and Control
Exfiltration
Threat Hunting
Needle in the Haystack
Advanced Persistent Threats
Response to APT