The Kill Chain
ReconnaissanceHarvesting email addresses, conference information, etc |
WeaponizationAttackers preparing and staging the attack by coupling exploit with backdoor into deliverable payload. 
|
DeliveryDelivering weaponized bundle to the victim via email, usb, etc. |
ExploitationExploiting a vulnerability to execute code on victim's system 
|
InstallationInstalling malware on the asset |
Command & ControlCommand channel for remote manipulation of victim's system 
|
Action on ObjectivesWith hands on keyboard, intruders accomplish. |
What - Model Stages of Cyber Intrusion Activity
Why - Understand adversaries and identify weakness in process, technology and people
How - Describes Fortinet ATP Product Positioning