Video Transcription

00:07
Yeah,
00:08
The Cyberattack life cycle is a model used to describe how a typical attacker would advance their attack strategies through different stages. Each tax stage has a strategic goal. It must be completed for the next stage to begin.
00:20
We could stop the action anywhere in the change of deter, Break that attack,
00:24
click, attack or defense to learn more about that particular attack. Lifecycle
00:37
Reconnaissance
00:39
Reconnaissance involves effective monitoring and inspection of network Traffic
00:43
is a fundamental practice that will identify irregular activity.
00:47
Reconnaissance is more than network monitoring and uses. Security. Awareness and training are always important practices.
00:53
Security administrators much teach users to recognize reconnaissance, fishing and social engineering attempts.
01:07
Weaponization weaponization is difficult to deter, and it usually occurs externally, effective monitoring and subscribing to threat. Intelligence services can help, but weaponization often occurs silently and without detection.
01:26
Delivery delivery is typically a temporal event that can only be determined in real time. To disrupt the delivery process, you will need the visibility and threat intelligence capability of a real time security operating platform.
01:44
Exploitation
01:46
exploitation occurs when an attacker has successfully delivered their attacking scripts or tools.
01:52
Patching and updating of all resource is another fundamental security practice can significantly prevent an exploit.
01:59
Many Attackers fail at the exploitation phase of the attack because their scripts or attack tools failed to compromise or exploit. The targeted resource is
02:12
installation.
02:13
Most Attackers seek to propagate or replicate and install their attack tools and scripts on as many targets as possible to deter the escalation of or installation of Attackers tools you want to limit all East West network traffic.
02:27
East West traffic occurs within a trusted network, such as a local area network or a cluster of servers, and place your core resource is on the segment or restricted networks.
02:42
Commanding control CNC
02:46
CNC activities often occur quickly and infrequently
02:49
and can be a simple is just one execution of a very simple script or command.
02:53
CNC is generally the most advanced stage in the attack progression, so you need the most advanced defense strategies to defeat an attacker. At the CNC phase.
03:07
Actions on the objective
03:08
monitoring an awareness of the primary defense actions performed at this phase,
03:13
you want an enterprise security operating platform solution in place to successfully stopped the myriad events that can happen at this stage

Up Next