
threat detection and response

We support United Nations sustainable goals
GOAL 13: Climate Action and
GOAL 16: Peace and Justice Strong Institutions

A threat is anything that has the potential to cause harm to a computer system or network. Threats are not the same as attacks. Threats represent the potential for attacks to occur; attacks are the act of breaking in or harming a computer or network. A more advanced form of threat, the Advanced Persistent Threat (APT), emerged several years ago. As the name suggests, the threat is sophisticated and remains in your network for a prolonged period, giving attackers a longer window to act. Threat detection can be defined as the process by which you find threats on your network, your systems or your applications. The idea is to detect threats before they are exploited as attacks.

why do networks get hacked

Cyber criminals are usually after one of five things; the end goal is usually monetary.

User credentials—Cybercriminals are often not after you, but rather after your credentials. They want your username and password to get into systems that you have access to. It is much easier to open a door with a key than to pick a lock or break a window. Some attackers will use a technique called privilege escalation to grant themselves additional privileges by exploiting the underlying operating system. They then use these escalated privileges to get to what they are really after.

Personally identifiable information (PII)—Criminals want personal information they can use to impersonate you, such as a social security number or driver’s license number. These and other details may be used to apply for credit cards, open bank accounts in your name, and the like.

Intellectual property or sensitive corporate information—Industrial espionage is alive and well. Nation-states are looking to steal trade secrets to boost their economies. Competitors are looking to gain an advantage or fill a gap in their offerings by taking advantage of what their rivals know. Employees may steal important secrets for personal gain, or perhaps out of spite at being passed over for a promotion. Companies need to protect their product designs, customer databases, business processes, marketing plans, and more.

Ransom—Criminals have been extorting companies and individuals online for years. Their two most potent weapons are ransomware, where endpoint or server files are encrypted and a ransom is demanded to unlock them, and DDoS attacks, where web servers or networks are flooded with bogus traffic until the ransom is paid.

Revenge—Some disgruntled users or so-called hacktivists look to bring down or slow down systems to protest company policy. In some cases, attackers may deface web pages to embarrass companies or government organizations.

examples of network threats

Malware—malicious software that infects your computer, such as computer viruses, worms, Trojan horses, spyware, and adware.

Phishing—fake emails disguised as legitimate communications that seek to steal sensitive information from an unwitting recipient.

Ransomware—malware that encrypts files on an endpoint or server and then displays a message demanding ransom in exchange for decrypting files.

Trojan horse—a computer executable, sometimes known as a back door, that can be remotely activated. It allows hackers to perform a variety of attacks.

Criminals have become so sophisticated and computer networks so vast – often with no actual perimeter – that traditional methods of detecting individual compromises are simply inadequate. A new approach has emerged that detects threats by tracking normal and anomalous behavior.

User and entity behavior analytics (UEBA) is a new category of security solutions that uses analytics technology, including machine learning and deep learning, to discover abnormal and risky behavior by users, machines and other entities on the corporate network.

UEBA can detect security incidents that traditional tools do not see, because those incidents do not conform to predefined correlation rules or attack patterns, or because they span multiple organizational systems and data sources.
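The baselining idea behind UEBA, shown as an added example that is not from the original page: each user's normal behavior is learned from history, and later activity is flagged when it deviates from that user's own baseline even though no fixed rule fires. The events, user names, hosts and threshold are constructed assumptions, and a simple per-user mean and standard deviation stands in for the machine learning models the page mentions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample data: (user, day, host, megabytes_downloaded).
BASELINE_EVENTS = [
    ("alice", 1, "hr-app", 40), ("alice", 2, "hr-app", 55),
    ("alice", 3, "hr-app", 47), ("alice", 4, "mail", 50),
    ("alice", 5, "hr-app", 43),
    ("bob", 1, "build-01", 900), ("bob", 2, "build-01", 1100),
    ("bob", 3, "git", 950), ("bob", 4, "build-01", 1050),
    ("bob", 5, "git", 1000),
]
NEW_EVENTS = [
    ("alice", 6, "hr-app", 52),      # ordinary day
    ("alice", 7, "finance-db", 48),  # host never used by alice
    ("alice", 8, "hr-app", 900),     # normal for bob, abnormal for alice
    ("bob", 6, "build-01", 980),     # ordinary day for bob
]

def build_baselines(events):
    """Learn, per user, the hosts they use and their typical daily volume."""
    hosts, volumes = defaultdict(set), defaultdict(list)
    for user, _day, host, mb in events:
        hosts[user].add(host)
        volumes[user].append(mb)
    return {u: {"hosts": hosts[u], "mean": mean(volumes[u]),
                "std": pstdev(volumes[u])} for u in hosts}

def score_event(baselines, event, z_threshold=3.0):
    """Return the list of reasons an event deviates from the user's baseline."""
    user, _day, host, mb = event
    base = baselines.get(user)
    if base is None:
        return ["no baseline for user"]
    reasons = []
    if host not in base["hosts"]:
        reasons.append(f"new host {host}")
    # Floor the deviation so a perfectly flat history cannot divide by zero.
    z = (mb - base["mean"]) / max(base["std"], 1.0)
    if abs(z) > z_threshold:
        reasons.append(f"volume z-score {z:.1f}")
    return reasons

def detect(baseline_events, new_events):
    baselines = build_baselines(baseline_events)
    return {e: r for e in new_events if (r := score_event(baselines, e))}

if __name__ == "__main__":
    for event, reasons in detect(BASELINE_EVENTS, NEW_EVENTS).items():
        print(event, "->", "; ".join(reasons))
```

A static rule such as "alert on downloads above 2000 MB" would pass all four new events; the per-user baseline flags the two that are unusual for alice while leaving bob's similar volume alone.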

Email us at info@fortpentesting.com or call us on +254707375084 for threat detection services

Get these services by filling the form below or by calling us on +254707375084