DirectDefense

Cybersecurity reports and statistics published by DirectDefense

8 categories, 1 report

Research Reports

Reports and publications from DirectDefense

Recent Statistics & Reports

The average time from initial access to domain control has shrunk to under two hours.

4/15/2025
Initial access, Domain control

For Credential Access, the most observed technique by DirectDefense is Brute Force, automated attacks on authentication systems. Alerts triggered for Credential Access include: Account Lockout Events.

4/15/2025
MITRE ATT&CK, Credential access, Brute force

For Execution, the most observed technique by DirectDefense is Malicious File Execution, tricking users into running malware via phishing and social engineering. Alerts triggered for Execution include: Malicious File Detected.

4/15/2025
MITRE ATT&CK, Execution, Malicious file execution

For Initial Access, the most observed technique by DirectDefense is Valid Accounts, which involves leveraging stolen credentials for unauthorized access. Alerts triggered for Initial Access include: First Ingress Authentication from Country, Multiple Country Ingress Authentications, Multiple Wireless Country Authentications.

4/15/2025
MITRE ATT&CK, Initial access, Valid accounts

Ransomware deployment occurs in as little as six hours.

4/15/2025
Ransomware

DirectDefense mapped alerts to the MITRE ATT&CK® framework to identify the top five tactics. The top five tactics identified are: Initial Access, Persistence, Lateral Movement, Execution, and Credential Access.

4/15/2025
MITRE ATT&CK, Initial access, Persistence

For Persistence, the most observed technique by DirectDefense is MFA Interception, where attackers manipulate MFA settings to maintain access. Alerts triggered for Persistence include: New MFA Authenticator App Added, Account Manipulation.

4/15/2025
MITRE ATT&CK, Persistence, MFA

For Lateral Movement, the most observed technique by DirectDefense is Valid Accounts, using stolen credentials to escalate privileges. Alerts triggered for Lateral Movement include: Lateral Movement – Local Credentials.

4/15/2025
MITRE ATT&CK, Lateral movement, Valid accounts