Evasion
Brief
Detect and respond to attackers who are performing actions to evade detection
After initial compromise, an adversary seeks to avoid detection to establish persistence within the network. As a result, hackers will leverage a variety of evasion methods in order to circumvent detection, such as clearing audit logs, encrypting data and scripts, or using a TOR proxy to hide web activity.
By hiding their activity and evading the organization’s detection mechanisms, they are awarded enough time to carry out their true objective such as deploying malware for exfiltrating data, encrypting files for ransomware, or exploiting resources for crypto-mining. The longer the cybercriminals evade detection, the greater the costs to the organization. Today, it takes on average 280 days to identify and contain a data breach. However, an organization will save on average $1.12 million if they contain a breach in less than 200 days.
Exabeam helps security teams outsmart adversaries taking evasive actions with the support of automation and use case content across the full analyst workflow, from collection to response.
