SecurityCertified

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Monday, June 21, 2010

Mike Cloppert on Defining APT Campaigns

Posted on 7:05 PM by Unknown
Please stop what you're doing and read Mike Cloppert's latest post Security Intelligence: Defining APT Campaigns. Besides very clearly and concisely explaining how to think about APT activity, Mike includes some original Tufte-esque figures to demonstrate APT attribution and moving up the kill chain.
Email ThisBlogThis!Share to XShare to Facebook
Posted in apt, attribution, tufte | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • DojoCon Videos Online
    Props to Marcus Carey for live streaming talks from DojoCon . I appeared in my keynote , plus panels on incident response and cloud secur...
  • Mandiant Webinar Wednesday; Help Us Break a Record!
    I'm back for the last Mandiant Webinar of the year, titled State of the Hack: It's The End of The Year As We Know It - 2011 . And y...
  • Bejtlich Speaking at TechTarget Emerging Threats Events in Seattle and New York
    I will be speaking at two events organized by TechTarget , for whom I used to write my Snort Report and Traffic Talk articles. The one-da...
  • Hakin9 04/2009 Issue
    I just received a review copy of the 04/2009 Hakin9 magazine. I am most interested in reading part two of Tyler Hudak 's article on au...
  • Human Language as the New Programming Language
    If you've read the blog for a while you know I promote threat-centric security in addition to vulnerability-centric security. I think ...
  • Guest Post on SecureThinking about Cyber Shockwave
    BT asked me to write a guest post on their blog, so I provided a new Reaction to Cyber Shockwave . I hadn't really addressed one of the...
  • Review of Web Security Testing Cookbook Posted
    Amazon.com just posted my five star review of Web Security Testing Cookbook by Paco Hope and Ben Walther. From the review : I just wrote ...
  • Review of The Web Application Hacker's Handbook Posted
    Amazon.com just posted my five star review of The Web Application Hacker's Handbook by Dafydd Stuttard and Marcus Pinto. From the rev...
  • Bejtlich Returns to PaulDotCom Podcast
    The guys at PaulDotCom posted the podcast .mp3 (39 MB) they conducted last week . It was another debate between myself and Ron Gula. We ...
  • Bejtlich Teaching Special Session of TCP/IP Weapons School at GTEC DC
    Through a custom arrangement with Black Hat I am pleased to announce that I will teach a special session of TCP/IP Weapons School 3.0 at t...

Categories

  • afcert
  • Air Force
  • analysis
  • announcement
  • apt
  • attribution
  • bestbook
  • blackhat
  • books
  • breakers
  • bro
  • bruins
  • certification
  • china
  • cisco
  • cissp
  • cloud
  • clowns
  • commodore
  • conferences
  • controls
  • correlation
  • counterintelligence
  • cybercommand
  • cyberwar
  • dfm
  • education
  • engineering
  • feds
  • fisma
  • freebsd
  • GE
  • ge-cirt
  • hakin9
  • history
  • impressions
  • information warfare
  • ipv6
  • law
  • leadership
  • malware
  • mandiant
  • microsoft
  • mssp
  • nsm
  • offense
  • oisf
  • packetstash
  • philosophy
  • pirates
  • powerpoint
  • press
  • psirt
  • reading
  • redteam
  • reviews
  • russia
  • sans
  • sec
  • sguil
  • snorby
  • spying
  • threat model
  • threats
  • Traffic Talk
  • training
  • tufte
  • tv
  • ubuntu
  • usenix
  • verizon
  • vulnerabilities
  • wisdom
  • writing

Blog Archive

  • ►  2013 (16)
    • ►  September (1)
    • ►  August (1)
    • ►  June (2)
    • ►  April (2)
    • ►  March (1)
    • ►  February (3)
    • ►  January (6)
  • ►  2012 (60)
    • ►  December (4)
    • ►  November (5)
    • ►  October (3)
    • ►  September (10)
    • ►  August (2)
    • ►  July (6)
    • ►  June (6)
    • ►  May (4)
    • ►  April (2)
    • ►  March (9)
    • ►  February (6)
    • ►  January (3)
  • ►  2011 (108)
    • ►  December (3)
    • ►  November (7)
    • ►  October (11)
    • ►  September (9)
    • ►  August (18)
    • ►  July (10)
    • ►  June (5)
    • ►  May (4)
    • ►  April (13)
    • ►  March (17)
    • ►  February (2)
    • ►  January (9)
  • ▼  2010 (193)
    • ►  December (14)
    • ►  November (11)
    • ►  October (6)
    • ►  September (16)
    • ►  August (15)
    • ►  July (26)
    • ▼  June (15)
      • Digital Forensics Magazine
      • Comments on Sharkfest Presentation Materials
      • Dealing with Security Instrumentation Failures
      • CloudShark, Another Packet Repository in the Cloud
      • All Aboard the NSM Train?
      • Mike Cloppert on Defining APT Campaigns
      • Full Disclosure for Attacker Tools
      • Can Someone Do the Afghanistan Math?
      • Light Bulbs Slowly Illuminating at NASA?
      • NITRD: "You're going the wrong way!"
      • June 2010 Hakin9 Magazine Published
      • "Untrained" or Uncertified IT Workers Are Not the ...
      • Publicly Traded Companies Read This Blog
      • Simple Questions, Difficult Answers
      • Reminder for Incident Responders
    • ►  May (15)
    • ►  April (15)
    • ►  March (16)
    • ►  February (19)
    • ►  January (25)
  • ►  2009 (123)
    • ►  December (10)
    • ►  November (17)
    • ►  October (21)
    • ►  September (13)
    • ►  August (20)
    • ►  July (21)
    • ►  June (21)
Powered by Blogger.

About Me

Unknown
View my complete profile