What is Discovery?


Time
8 hours 28 minutes
Difficulty
Beginner
CEU/CPE
10
Video Transcription
00:00
Hello, and welcome to another discussion on the application of the MITRE ATT&CK framework. Today we're going to get into our next section: What is discovery? And we're gonna talk about some discovery techniques and things that threat actors conduct once they've gotten onto your network.
00:18
So to make sure we're on the same page, let's go ahead and quickly define discovery. So discovery is essentially when a threat actor is working out what is in your environment. And so this is the key point here. They're not aware. And so they're going through the motions to figure out what's going on. So this could be things like,
00:38
What operating systems do we have running in the environment? And what
00:41
internal network information can we pick up? What services do we see? What protections do we have in place? Anything that a threat actor can get
00:51
that would be to their advantage, they will start to collect and look through in this particular phase. Now, what we're going to be reviewing, specifically, of the different sections, is we're going to focus on how threat actors go about, or maybe some techniques they use for, account discovery.
01:08
We're going to look at browser bookmark discovery, and we're going to talk about system owner and
01:14
user discovery.
01:15
Again, there are more sections than this in this particular area of the ATT&CK framework, but we're just going to focus on these three to give you an idea of how a threat actor would use discovery techniques to get enough pertinent information to then move on to the next phase of the framework.
01:34
So with that, I want to thank you for your time today,
01:37
and I look forward to seeing you again soon.
Application of the MITRE ATT&CK Framework

This MITRE ATT&CK training is designed to teach students how to apply the matrix to help mitigate current threats. Students will move through the 12 core areas of the framework to develop a thorough understanding of various access ATT&CK vectors.
