… APTs typically reside on a network for at least 18 months; during this team, all of an organization’s data is vulnerable to theft or exposure to the public”
Advanced Persistent Threats, or APTs, are human interactions or specialized applications that are designed to compromise a data network or system while remaining undetected. As such, they represent a significant threat to all organizations – particularly because they are designed to by-pass all existing security controls. It will communicate with a command and control server using overt communications; these should be detected by the network.
It will communicate with a command and control server using overt communications; these should be detected by the network. Over time, the communications will become covert as the test APT mimics actual real-life APT software.
The test APT will also attempt to exfiltrate large amounts of dummy data via the communications channel. This will allow the organization’s network perimeter defenses, intrusion detection and prevention systems, data leak prevention mechanisms and endpoint security to be tested.
Take recurring penetration testing activities to the next level; prioritize the defensive steps required to protect your organization
Identify weaknesses that traditional control-based methodologies miss
Validate your incident response plan
Ensure compliance by demonstrating your commitment to protecting your employees and business against APTs