As organisations and individuals – we are all at risk from an increasing range of new and evolving cyber security threats.


Adversaries utilise a range of techniques to gather information that can be used to acquire targets and inform optimal attack vectors.

Resource Development

Adversaries compile resources such as email accounts, domains and other infrastructures or capabilities that improve targeting and can be leveraged to provide the attacker with significant power and access.

Initial Access

These techniques use various entry vectors to gain an initial foothold within a network.


Vulnerabilities allow malicious actors to remotely execute arbitrary commands within a machine or network.


Persistent threats are attacks in which an unauthorized user gains system access and maintains access by staying undetected.

Privilege Escalation

Malicious actors increase their access to the network and its assets and resources by exploiting design flaws, bugs, or configuration faults in an application or operating system.

Credential Access

Attackers deny their victims access by changing their passwords. Important information is then stolen, deleted, or used to access other networks.

Lateral Movement

Once gaining access, attackers leverage their position to move deeper into a network for sensitive data and valuable assets.

Defence Evasion

Attackers utilise techniques to avoid detection such as encryption of data and deactivating security software.

Data Collection

Typically, malware is used to scan a computer or network to exfiltrate sensitive information.

Social Engineering

The victim is psychologically manipulated into granting the attacker access to sensitive information and assets. Phishing and homograph attacks are common examples of this.


Individual or company data that is copied, transferred, or retrieved without authorization.