Advanced Persistent Threats (APTs) are highly developed and targeted attacks that operate covertly in order to leave no visible traces. A survey conducted by the German Federal Office for Information Security shows that these are one of the top three potential threats to companies and organisations. TÜVIT offers various modules to prevent Advanced Persistent Threats.
Holistic approach
In order to defend against the risk of organized cybercrime presented by APTs, we recommend that organizations of all sizes should develop an IT security strategy. It is not only internationally active companies that are affected by APTs. In the context of globalization, even small and medium-sized enterprises are attracting the attention of hackers, in order to compromise the IT systems and data of large companies through the supposedly less secure infrastructure of suppliers.
By contrast, startups are popular targets of attacks because of their innovative business ideas. We therefore advise that the effectiveness of the technical and organizational measures of your security strategy should regularly be tested against new types of attack.
Example method of an APT attack
During an APT attack, cyber criminals proceed very methodically and cautiously. In order to remain undetected for as long as possible, they use e.g. spear phishing, social engineering and drive-by attacks. Months typically pass before such attacks are detected.
Our services at a glance
- review of your IT security strategy
- definition of your security maturity level
- identification of vulnerabilities
- determination of the need for action, recommended measures
- performance of needs-oriented penetration tests, e.g.:
- social engineering attacks
- phishing and spear phishing attacks
- drive-by attacks
- attacks by placing external devices
- evaluation of your data loss prevention measures
- test-related support
Your benefits at a glance
- with TÜVIT, you have as your partner one of the leading experts in the field of cyber security, which is certified by the German Federal Office for Information Security as an IT security service provider for IS audits and penetration tests
- efficient performance of penetration tests using a specially developed test platform, the “Distributed Penetration Platform” (DPP)
- objective analysis and assessment of the established technical and organizational security measures
- increasing the efficiency and overall security level through individually derived recommendations for action