Supported platform version:
The Privilege Escalation App is designed to orchestrate and optimize the organization’s security tools to conduct detection, investigation and mitigation operations against campaigns that try to gain admin privileges in order to conduct multiple attack types on an organization.
Privilege Escalation is often one of several steps in a multi-stage attack. The Privilege Escalation App identifies different indicators of the threat, such as different probes and malicious commands, brute force attempts and privilege escalation patterns, using the platform’s Intrusion Detection System and Network Behavior Analysis services. The Privilege Escalation App can be used to aggressively mitigate any privilege escalation attempts, using the platform’s mitigation service, or can serve as a tool to indicate the first stages of a more complicated attack.