ABSTRACT

Sun Tzu summed things up nicely when he said that the opportunity to secure ourselves against defeat lies in our own hands, but the opportunity of defeating the enemy is provided by the enemy himself. Understanding the tools and techniques of the hackers allows us to discover and exploit their weaknesses. The intrusion kill chain is defined as reconnaissance, weaponization, delivery, exploitation, installation, command and control, and actions on objectives. In the exploitation phase, after the weapon is delivered to the victim host, exploitation triggers the intruders' code. Most often, exploitation targets an application or operating system vulnerability, but it could also more simply exploit the users themselves or leverage an operating system feature that auto-executes code. A competent partner will try to identify and exploit vulnerabilities in systems and networks by mounting attacks from outside systems. The Chief Information Security Officer must look at how to prioritize the alerts.