Identity & Credential Abuse

Attacks targeting user identities, passwords, and authentication systems to gain unauthorized access.

PhishingSpear PhishingWhale PhishingBrute Force AttackBusiness Email CompromisePrivileged User CompromiseWeb session cookie theft

Endpoint Abuse

Threats targeting endpoints such as desktops, laptops, and mobile devices to compromise or control them.

MalwareRansomwareSpywareVirusesDrive-by Download AttackZero-Day Exploit

Web Application Attacks

Exploits targeting web applications through injection, scripting, and other vulnerability-based techniques.

SQL InjectionCross-Site Scripting (XSS)

Post-Exploitation

Activities performed after initial access to escalate privileges, move laterally, and maintain persistence.

Command and Control AttackMan-in-the-Middle Attack

Infrastructure Availability

Attacks aimed at disrupting the availability of critical infrastructure, networks, and services.

DDoS AttackDNS Tunneling

Cloud & SaaS Abuse

Threats exploiting cloud services, misconfigurations, and SaaS platforms to access or manipulate data.

DDoS AttackDNS Tunneling

Trust Abuse

Attacks exploiting trust relationships between systems, supply chains, and organizational partnerships.

Supply Chain AttackInsider Threat

Advanced Techniques

Sophisticated attack methods used by APTs and skilled threat actors employing cutting-edge tactics.

Advanced Persistent ThreatMeltdown and Spectre Attack