Full Spectrum Cobalt Strike Detection: A Technical Profile from Recorded Future’s Insikt Group

ON-DEMAND WEBINAR

Using a combination of host and network-based detection methods and expert analysis, Recorded Future’s Insikt Group completed a deep technical profile of the commercial post-exploitation framework,
Cobalt Strike.

Cobalt Strike is a tool designed to aid penetration testers and red team operators in conducting authorized intrusions. Despite its original goal, since its release in 2012, Cobalt Strike has gained widespread popularity among state-sponsored threat actors and financially motivated threat actors.

To learn more, hear the Insikt Group analysts talk about the history of Cobalt Strike, its technical specifications, detection and response strategies, and their research methodology.

Can't see the form? You may have a browser extension blocking it. Please allow this page to load so you can submit the form.

You can unsubscribe from our communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

Highlights from the Insikt Group Cobalt Strike technical profile include:

A background on Cobalt Strike including when it changed from a pentesting tool to a popular hacking tool for state-sponsored threat actors
Details on the Cobalt Strike capabilities, observed threat actor use, host-based and network-based detections
Resources and mitigation tips in the event that Cobalt
Strike is identified