Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:00,520 --> 00:00:03,830 So most times it happens in an interview. 2 00:00:03,850 --> 00:00:10,780 That interview always asks the question related to Mr. Tech or maybe the cyber question so they can 3 00:00:10,780 --> 00:00:16,360 be ask you the difference between the mightier attack and cyber chain, because, you know. 4 00:00:16,720 --> 00:00:18,340 Well, we'll talk about it, right? 5 00:00:18,340 --> 00:00:21,390 We'll talk about the difference in the upcoming videos. 6 00:00:21,400 --> 00:00:22,510 So another issue. 7 00:00:22,540 --> 00:00:25,970 So let me start with the what is exactly the media tech. 8 00:00:25,990 --> 00:00:30,470 So if you search on Google, you will get it the this attack, right? 9 00:00:30,490 --> 00:00:32,460 So actually, this is not an attack. 10 00:00:32,470 --> 00:00:40,370 It's a double D and it means adversarial tactics, techniques and common knowledge. 11 00:00:40,390 --> 00:00:40,860 Right. 12 00:00:40,870 --> 00:00:42,420 So this is what attack? 13 00:00:43,920 --> 00:00:50,370 And it is one of the framework which is a curated knowledge base and model for cyber adversary behavior, 14 00:00:50,460 --> 00:00:55,710 reflecting the various phases of an adversary's attack lifecycle and the platform they are known to 15 00:00:55,710 --> 00:00:56,370 target. 16 00:00:56,940 --> 00:01:02,130 Now, what is to be in that if you already have our tactics, techniques and the procedures? 17 00:01:02,130 --> 00:01:02,580 Right. 18 00:01:03,660 --> 00:01:07,500 So these tips are nothing but the tactics, techniques and procedures. 19 00:01:07,500 --> 00:01:13,290 And these are the behaviors, methods or patterns of activity used by threat actor or group of threat 20 00:01:13,290 --> 00:01:13,860 actor. 21 00:01:14,670 --> 00:01:16,710 So now our next question we have. 22 00:01:16,740 --> 00:01:19,620 Can you explain tactics and technique? 23 00:01:19,710 --> 00:01:21,270 So now what is tactics? 24 00:01:21,270 --> 00:01:29,340 So tactics are movement with difficulty, statism, cunning action to achieve something right in a in 25 00:01:29,340 --> 00:01:31,300 a short form or in simple language. 26 00:01:31,320 --> 00:01:40,050 If I try to explain this tactics is is actually your goal, let's say initial access, right? 27 00:01:40,050 --> 00:01:43,320 So getting some access, is this your goal? 28 00:01:43,320 --> 00:01:46,740 Right, for what you are actually everything is doing. 29 00:01:46,950 --> 00:01:48,300 Now, what is technique? 30 00:01:50,590 --> 00:01:54,100 A technique is a way to find your goal, right? 31 00:01:54,130 --> 00:01:55,630 To find your tactics. 32 00:01:55,630 --> 00:01:58,330 So let's say a spear phishing. 33 00:01:58,510 --> 00:02:00,280 Spear phishing through a spear phishing. 34 00:02:00,280 --> 00:02:03,250 You are you are trying to. 35 00:02:04,070 --> 00:02:04,460 Data. 36 00:02:04,520 --> 00:02:06,470 Initial access in the organization. 37 00:02:06,830 --> 00:02:10,270 So this is what tactics and techniques is difference actually. 38 00:02:10,280 --> 00:02:14,060 So technique is a skill and knowledge of a given art or occupation. 39 00:02:14,210 --> 00:02:14,750 Correct. 40 00:02:15,260 --> 00:02:20,450 Now, next question we have which one you will prefer more TTP or IOC than Y? 41 00:02:21,020 --> 00:02:24,860 Obviously, we we can see our tips are behavioral, right. 42 00:02:25,190 --> 00:02:32,810 Whatever the bad actors are against the right actor is going to launch the attack tips depends directly 43 00:02:32,810 --> 00:02:40,370 on those things that how actually on which phase what is actually happening right and IOC is nothing 44 00:02:40,370 --> 00:02:48,290 but you can collect the indicators whatever the compromises is going to happen through that network, 45 00:02:48,920 --> 00:02:51,020 through that at sorry, through that attack. 46 00:02:51,530 --> 00:02:58,250 So if I talk about database behavior, right, behavioral based and IOC aesthetic ways. 47 00:02:58,430 --> 00:03:04,100 So definitely if both are preferable, but more preferable is to be. 48 00:03:05,320 --> 00:03:08,020 Have you remember our tactics in mightier attack? 49 00:03:08,170 --> 00:03:15,160 So, yes, 14 there are 14 tactics and you can check all those 14 tactics on Google and you can learn 50 00:03:15,160 --> 00:03:17,740 all those things that are actually working. 51 00:03:18,360 --> 00:03:18,580 Right. 52 00:03:18,640 --> 00:03:22,110 So they can ask you, so now what is defense evasion? 53 00:03:22,120 --> 00:03:26,800 So defense evasion is one of the adversary which is trying to avoid being detected. 54 00:03:26,800 --> 00:03:33,490 And for that, they use different different of techniques, let's say uninstalling disabling security 55 00:03:33,490 --> 00:03:36,520 software, encrypting data and scripts. 56 00:03:36,520 --> 00:03:41,140 So different, different there is different, different things you can actually go then on that attack 57 00:03:42,310 --> 00:03:42,970 website. 58 00:03:43,240 --> 00:03:48,460 Now what is position in miter and can you name some path where it maintains their foothold? 59 00:03:48,460 --> 00:03:53,680 So mainly the path is merely on start of folders, maybe on the registries. 60 00:03:53,680 --> 00:03:57,460 In the registries there will be a there we may be. 61 00:03:59,570 --> 00:04:03,920 Definitely in the startup folders, maybe on the different, different phases. 62 00:04:04,310 --> 00:04:07,250 And now what is the position actually? 63 00:04:07,250 --> 00:04:11,360 So everybody is trying to maintain their foothold. 64 00:04:11,760 --> 00:04:12,050 Right. 65 00:04:12,050 --> 00:04:15,050 So once you gain all the privileges escalation. 66 00:04:15,050 --> 00:04:17,990 So you have to maintain your access. 67 00:04:18,500 --> 00:04:20,960 So for that, we use persistence. 68 00:04:22,240 --> 00:04:26,160 And there are some techniques like boot or log on auto start execution. 69 00:04:26,170 --> 00:04:28,720 There is also more you can you can directly. 70 00:04:29,020 --> 00:04:33,070 I'm saying from the last one that you can actually go on that miter attack. 71 00:04:33,100 --> 00:04:33,490 Go. 72 00:04:34,380 --> 00:04:35,480 Our website. 73 00:04:35,750 --> 00:04:36,920 What is lateral movement? 74 00:04:36,920 --> 00:04:40,040 The adversary is trying to move through your environment. 75 00:04:40,920 --> 00:04:42,990 Now here is the actual difference. 76 00:04:43,260 --> 00:04:49,260 We'll talk about this difference because for that, we need a cyber kill chain. 77 00:04:49,410 --> 00:04:53,330 We need to understand then only we can get to know all this difference. 78 00:04:53,340 --> 00:04:55,830 So we'll talk about this in the next video. 7112