The defensive tools, procedures and other controls commonly put in place to handle commodity security threats are often ineffective against targeted APT-style attacks. This is because the actors behind the intrusion are focused on a specific target and are able to customize and adapt their Tactics, Techniques and Procedures (TTPs) to predict and circumvent security controls and standard incident response practices. As a result, developing an effective and efficient defense strategy requires good situational awareness and understanding. This analysis explains common APT lifecycle phases and provides an understanding of why APT defensive strategies require careful thought that goes beyond the implementation of common security hardware and software solutions.