We examine a series of behaviors that adversaries use to escalate, pivot, and persist throughout the network in order to uncover unknown actors operating in your network. Upon discovering the indicators, our team will analyze and confirm an active breach event.
During an active breach, our team assists your team with identifying the initial breach event, tracing what actions the adversary took, which hosts were compromised, and what data was lost. We provide hard disk and memory forensics support, log analysis, and timeline creation to help you fully understand the impact of the breach event.
SpecterOps adversary detection capabilities are focused on the premise that the adversary is already in your network. Our team of detection experts, armed with knowledge of the most current adversary tactics, homes in on the most important heuristic indicators that expose active attacker activity. Equipped with tools like ACE, Uproot, and PowerForensics for network data collection and forensics, our Adversary Detection team will scan your endpoints, gather and enrich the data, identify anomalies, assess impact, and assist with removing the adversary from your network.
This course focuses on proactively searching for malicious threat actors and closing the gap from infection to detection. You will learn cutting-edge techniques to collect and analyze host-based information and stop adversaries before they cause wide-scale damage.