The proactive process of searching for and detecting threats that have bypassed existing security controls, often assuming a breach has already occurred.
What is Threat Hunting?
APT known for spear-phishing and exploits targeting government.
Who is APT28 (Fancy Bear)?
Offers deep packet inspection (DPI) and a wide array of integrated security features to address modern, complex cyber threats.
What is NGFW - Next Generation Firewall?
A network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies.
What is a Firewall?
Palo Alto Networks' Attack Surface Management (ASM) solution.
What is XPANSE?
Synthetic media that uses AI to fabricate or manipulate audio, video, or images.
What is a Deepfake?
Uses malware like WellMess and deploys supply chain attacks.
Who is APT29 (Cozy Bear)?
A highly fortified and managed browsing environment, addressing the security challenges of modern, distributed workforces and the increasing reliance on web applications.
What is Prisma Access Browser (PAB)?
The process of verifying the identity of a user, process, or device to ensure they are who they claim to be, often through passwords, biometrics, or security tokens.
What is Authentication?
PANW's Extended Security Intelligence & Automation Management.
What is XSIAM?
This type of attack targets vulnerabilities in an organization's vendors, partners, or software components to gain access to the primary target.
What is a Supply Chain Attack?
Financially motivated, using ransomware and banking malware.
Who is Lazarus Group?
It protects Artificial Intelligence (AI) systems, applications, and models while they are live and operational in production.
What is AI Runtime Security?
The process of converting information or data into a code to prevent unauthorized access, making it unreadable without the correct decryption key.
What is Encryption?
The goal is to extort money from the victim.
What is Ransomware?
Any individual, group, or entity that poses a risk to digital systems, infrastructure, or data.
What is a Threat Actor?
Known for sophisticated malware and exploits like Stuxnet.
Who is Equation Group?
It focuses on collecting and analyzing data from endpoints (laptops, desktops, servers) to detect and respond to threats.
What is Cortex XDR?
A documented set of procedures that guide an organization on how to react to and recover from a cybersecurity incident, aiming to minimize damage and recovery time.
What is an Incident Response Plan?
Malicious code hidden in software updates, compromising thousands of government and corporate networks.
What is SolarWinds (2020)?
A systematic and planned approach that organizations use to identify, handle, and recover from cybersecurity threats and breaches.
What is Incident Response?
Conducts espionage and financially motivated attacks with malware.
Who is APT41?
Designed to help security operations teams (SOCs) manage and respond to cybersecurity incidents more efficiently and effectively.
What is XSOAR?
A simulated cyber attack against your computer system to check for exploitable vulnerabilities, much like a controlled ethical hack.
What is Penetration Testing (or Pen Testing)?
This worm led to $15 billion in damages in 2000.
What is ILOVEYOU worm?