Protecting Against Cobalt Strike
Recently many large corporations have been struck by cyber-attacks, many of which were assumed or even proven to be perpetrated by the help of an offensive tool named Cobalt Strike. The protective measures developed by Black Cell Hungary Ltd. and described in this document are effective at preventing, detecting and remediating such attacks. Cobalt Strike has 38 distinct capabilities, each of which requires the implementation of specific logical, physical and administrative safeguards. These safeguards need to be applied though purpose-built security tools and devices.
Our methodology puts emphasis on the prevention of attacks. There are many easily detectable indicators of an impending attack, and through early detection and an appropriate response, attacks can be stopped before any damage has been done. Of course, by the nature of cyber attacks 100% protection can never be guaranteed, as such we have developed detailed methods for detecting, identifying and mitigating successful attacks. Our methodology is also highly effective against myriads of other cyber-attacks, besides those perpetrated with the help of Cobalt strike.