T1587
Develop Capabilities
Adversaries may build capabilities that can be used during targeting. Rather than purchasing, freely downloading, or stealing capabilities, adversaries may develop their own capabilities in-house. This is the process of identifying development requirements and building solutions such as malware, exploits, and self-signed certificates. Adversaries may develop capabilities to support their operations throughout numerous phases of the adversary lifecycle.(Citation: Mandiant APT1)(Citation: Kaspersk...
PRE
4 Detections
2 Sources
3 Threat Actors
BY SOURCE
3 sigma, 1 elastic
PROCEDURES (2)
Process Creation Monitoring: 3 detections
Auto-extracted: 3 detections for process creation monitoring
General Monitoring: 1 detection
Auto-extracted: 1 detection for general monitoring