APT attack assessment review service
An APT is a purposeful network attack intended to break into a target's network. The assessment, testing, analysis, scanning and detection of APT attacks aim to ensure that the customer's system is always in the most stable state, ready to handle network security incidents, and to establish multiple layers of defense that protect and maintain the stability of customers' systems.
Tested items include:
- Session
- Installed Drives
- Binary testing
- Application
- Auto-run
- Installed certificates
- Processes
- Network Activity
- Registry
Tools used to perform the scan:
- Sysinternals Suite
- DumpIt
- FTK Imager
- Wireshark
- TCPDump
- PCHunter
- Volatility memory forensics framework
- Veramine
- Software developed by CMC CYBER SECURITY