Expel Quarterly Threat Report Q1 2023
This Expel Quarterly Threat Report (QTR) delivers intelligence you can put into play today on some of the most active attack vectors our SOC leadership team observed in the first quarter of this year. By sharing how attackers got in, and how we stopped them, we’ll translate the security events we detect into security strategies for your org. We surface the most significant data we’re seeing in our threat detection and response efforts and curate that data into trends that can impact your cybersecurity posture. (How’s that for building resilience?) Get a copy of the Expel Q1 2023 Threat Report. Some preview highlights of what we saw:
- 57% of all incidents our SOC handled in Q1 were identity-based attacks (account compromise, account takeover, and long-lived access key theft).
- 24% of incidents were the deployment of commodity malware and malware families linked to pre-ransomware operations
- 6% of the incidents were authorized penetration tests, red team, and purple team activity.