Advanced Persistent Threat (APT)
Definition
A category of attacker, typically nation-state or state-sponsored, characterised by high technical capability, long dwell times, specific targets, and disciplined operational security. Named APT groups (e.g. APT28, APT41) are tracked by threat intelligence vendors and government agencies.
Related terms
- Insider threat: An incident originating from a person with legitimate access to an organisation's systems, whether through malicious intent (data theft, sabotage) or negligence...
- MITRE ATT&CK: A publicly available knowledge base of adversary tactics, techniques, and procedures derived from real-world intrusion observations. Maintained by the MITRE Corporation. Techniques...
- Threat actor: An individual or group responsible for a security incident or malicious campaign. Threat actors are categorised by motivation (financial, espionage, hacktivism, destruction)...
- Threat intelligence: Processed, analysed information about adversaries, their capabilities, and their current or anticipated activities. Includes strategic intelligence (actor motivations and trends) and tactical...
- Threat vector: The pathway or method a threat actor uses to gain access or cause harm. Examples include phishing email, unpatched software vulnerabilities, compromised...
Explained in
- The Threat Landscape and Threat Actors