Incident Detection

  • Infiltration and Persistence
    • Initial Foothold
      • 1) credentials
      • 2) malware
      • 3) phishing
  • Reconnaissance
    • situational assessment
  • Lateral Movement
    • via credential misuse
    • gathering credentials
  • Mission Target
    • critical assets
    • high value data stores
    • exfiltration
      • methods
      • destinations
  • Maintain Presence
    • hiding
    • backdoors