What if you suspect your system has been compromised, but you can't find the evidence? Adversaries are clever and will often delete the files they've used for their nefarious activities to cover their tracks. Stay ahead of them by learning to detect and mitigate this defense evasion technique and outwit those who threaten your network.
Attackers will not only go back and delete their malware files after they achieve their goals, but they may even build in a self-delete function into their malware. They may remove dropper files, batch files, and other tools that would tip you off to their activities. Attackers will often use native system tools to perform this deletion, making it very tricky to detect and mitigate.
You'll want to learn more about this adversary behavior so you know how to detect and mitigate it.
Get the hands-on skills you need to detect and mitigate this attack in Cybrary's MITRE ATT&CK Framework courses aligned to the tactics and techniques used by the financially motivated threat group Prophet Spider. Prevent adversaries from accomplishing the tactic of Defense Evasion in your environment today.
Complete this entire course to earn a File Deletion Certificate of Completion