Root Cause Analysis for Cybersecurity Book Chapter

Kirda, E, Kharraz, A. (2017). Root Cause Analysis for Cybersecurity. 81-98. 10.1201/9781315154374-4

cited authors

  • Kirda, E; Kharraz, A

abstract

  • Recent years have seen the rise of many classes of cyber attacks ranging from ransomware to advanced persistent threats (APTs), which pose severe risks to companies and enterprises. While static detection and signature-based tools are still useful in detecting already observed threats, they lag behind in detecting such sophisticated attacks where adversaries are adaptable and can evade defenses. This chapter intends to explain how to analyze the nature of current multidimensional attacks, and how to identify the root causes of such security incidents. The chapter also elaborates on how to incorporate the acquired intelligence to minimize the impact of complex threats, and perform rapid incident response.

publication date

  • January 1, 2017

Digital Object Identifier (DOI)

International Standard Book Number (ISBN) 13

start page

  • 81

end page

  • 98