LONDON, UK. – September 7, 2016 – SOC Prime, Inc. reveals a new Use Case for the Use Case Library – APT Framework.
Available through the Use Case Library cloud platform, APT Framework is a straightforward SIEM Use Case that constantly monitors the company’s infrastructure to detect signs of APT using the methodology of the Lockheed Martin Cyber Kill Chain. APT Framework uses different methods of statistical profiling and behavioral analysis to allow you to make maximum use of existing technologies, such as SIEM, IDS / IPS, FW, Proxy, Antivirus, Vulnerability Scanners, and helps achieve a synergy effect when they are used together.
Advanced Persistent Threats (APT) are complex targeted cyberattacks carried out over a long period and with a sufficient level of expertise to bypass even the newest and most advanced protection systems. The term APT was originally used to describe cyberattacks on military organizations but is not limited to the military sphere anymore. Zero-day vulnerabilities, methods of ‘social engineering’ and hacking tools that are specifically designed for a particular organization are all commonly used in such attacks.
APT attacks are usually conducted by organized hacker groups that have the required level of expertise and significant resources that enable them to create opportunities to achieve their goals through a combination of various attack vectors.
APT Framework is designed for the most popular SIEM systems in the world: HPE ArcSight, IBM QRadar and Splunk.