call
search

What is Cyber Cube?

In today's reality of lack of talent and a flood of security products, many companies are looking for the right solutions to build structured defense methods. Cyber cube is a self-use service that provides a quick overview on your organizational posture and readiness for an APT (Advanced Persistent Threat) attack.
It will take you through the "cyber kill chain" with a detailed questionnaire about the 3 main defense vectors. At the end of the process you will receive a picture of your organization's vulnerabilities and breaches (from the attacker's point of view) that can help you with more efficient protection.

cyber cube
Let's Start

Main three organizational defensive aspects (Z axis):

1 Preventive

Prevention is the first line of the defense in the control structure. Preventive is a passive technique designed to reduce the frequency of occurrence of undesirable events.

2 Detective

The second line of defense. These are devices, techniques ,and procedures designed to identify and expose undesirable events that elude preventive controls.

3 Responsive

The third line of defense. In order to limit the impact of an incident, Finding the root cause of the incident, Permitting affected systems back into the production environment and ensur that no threats are remains.

Six steps of typical cyber-attack (X axis)

1

Reconnaissance

Refers to the preparatory phase where an attacker seeks to gather information about the target prior to launching an attack. The attacker can choose or combine between passive reconnaissance (without directly interacting with the target) or active reconnaissance (interacting with the target directly by any means).

2

Getting Access

The attacker penetrates and obtains an initial hold on the victim's systems and network by activating the most targeted and effective "weapon" type to exploit the vulnerabilities identified in the Reconnaissance phase (zero-day break, social engineering, phishing, hacking, etc.).

3

Maintaining Access

The attacker penetrates and obtains an initial hold on the victim's systems and network by activating the most targeted and effective "weapon" type to exploit the vulnerabilities identified in the Reconnaissance phase (zero-day break, social engineering, phishing, hacking, etc.).

4

Lateral Movement

Once an attacker has established an hold based on the victim's internal network, he/she can now deepen its lateral movement on the network by installing malwares and gaining control over organizational assets. As part of this step, the attacker actually "lives on the victim's network", studies the him and prepares the infrastructure required to carry out the attack.

5

Preforming The Attack

At this step, the attacker executes his ultimate goal and implements the attack (theft of information, deletion of data, disabling of core systems, loading of network activity, damage to organizational assets, etc.).

6

Covering Tracks

The attacker uses various techniques and tools (Log Cleanup etc.) to hide and disguise his traces on the network to hinder the investigation process.

Let's Start
01
02
03
04
05
06
07
08
09
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
Ariel-university

Design & UX by K2 Design

Copyright@ 2022 Citadel All rights reserved | Privacy Policy | Accessibility Statement

Copyright@ 2022 Citadel All rights reserved | Privacy Policy | Accessibility Statement

Design & UX by K2 Design