Chapter 16

Kill Chain Analysis

Abstract

Reaction is a key strategic principle in an engaged defense. It is helpful to consider how intrusions and exfiltrations universally occur, breaking them down into phases where the adversary motivation is clearly defined and distinguishable. Breaking an attack into phases suggests that one is underway. An intrusion in progress is not necessarily one that is successful, and each phase of the intrusion provides a point at which a defense can be mounted. The kill chain is a time-tested military model that categorizes adversary incursion into a combination of fundamental phases, and these phases are described in this chapter.

Keywords

Adversary; Exfiltration; Intrusion; Kill chain; Weaponization
We espouse kill chain ...

Get Advanced Persistent Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.