Talk:Advanced persistent threat
|This article is of interest to the following WikiProjects:|
Intro is hackey
Please improve the first paragraph.
It is amateurish, especially the use of the term "hacking processes". The term "hacking" used in a network security context should be reserved for the popular press, and for street talk, not for formal writing nor a precise definition.
It is an exact copy from the reference text. The reference seems questionable to me, I am not sure of the process of determining a good authoritative reference, but this doesn't seem like one.
A better intro might come from here: http://searchsecurity.techtarget.com/definition/advanced-persistent-threat-APT
In this blog post, Richard Bejtlich writes: "APT is not an effort -- it's a proper noun, i.e., a specific party." This seems to mean that saying "APT" is not like saying "organized crime", it's like saying "the Mafia" -- the name of a specific organization. Thoughts? --FOo (talk) 07:09, 17 April 2010 (UTC)
That's because historically APT was, and possibly still is used to refer to a specific actor (i.e. a person, group, or country) that was seen to be attacking the USA. Marketing caught on to the military term and started to use it to help market products, this lead to a lot of confusion and twisting of what APT is/means.
So it depends on the context that APT is being used: - - If it's a press release from a company that got compromised, it means it was any attack that they failed to stop (either attack was sophisticated or because their defences were weak, they imply the former but it could well be the latter). - If it's the US military then it may be a particular threat actor. - If it's marketing/sales they are trying to hype there product to say it can stop the attacks that have been engineered to bypass all the other defences (e.g. their competitors' products). — Preceding unsigned comment added by 220.127.116.11 (talk) 13:07, 4 June 2013 (UTC)
The title of this article should be "Advanced persistent threat". I would move the article, but it looks like moving articles became a special permission at some point when I wasn't paying attention. modify 03:56, 28 August 2011 (UTC)
- Never mind -- found the move link hiding in a dropdown UI element. modify 04:17, 28 August 2011 (UTC)
Doesn't explain much
What's all the "process" stuff in the first paragraph? "Process" has many different meanings depending on context, but it is unclear which one is used here.
The "Characteristics" section doesn't give any characteristics that distinguish APT from other computer threats. For instance, "Actions – The precise actions of a threat or numerous threats". So APT has actions, but so does any other threat. To make this a characteristic you have to explain what is special about the actions of APT vs non-APT threats. This section looks like bullet points copied from a Powerpoint presentation, but without the talk that the original presenter gave. 18.104.22.168 (talk) 21:50, 1 December 2014 (UTC)