What is Cyber Cube?

In today's reality of lack of talent and a flood of security products, many companies are looking for the right solutions to build structured defense methods. Cyber cube is a self-use service that provides a quick overview on your organizational posture and readiness for an APT (Advanced Persistent Threat) attack.
It will take you through the "cyber kill chain" with a detailed questionnaire about the 3 main defense vectors. At the end of the process you will receive a picture of your organization's vulnerabilities and breaches (from the attacker's point of view) that can help you with more efficient protection.

cyber cube
Let's Start

Main three organizational defensive aspects (Z axis):

1 Preventive

Prevention is the first line of the defense in the control structure. Preventive is a passive technique designed to reduce the frequency of occurrence of undesirable events.

2 Detective

The second line of defense. These are devices, techniques ,and procedures designed to identify and expose undesirable events that elude preventive controls.

3 Responsive

The third line of defense. In order to limit the impact of an incident, Finding the root cause of the incident, Permitting affected systems back into the production environment and ensur that no threats are remains.

Six steps of typical cyber-attack (X axis)

1

Reconnaissance

Refers to the preparatory phase where an attacker seeks to gather information about the target prior to launching an attack. The attacker can choose or combine between passive reconnaissance (without directly interacting with the target) or active reconnaissance (interacting with the target directly by any means).

2

Getting Access

The attacker penetrates and obtains an initial hold on the victim's systems and network by activating the most targeted and effective "weapon" type to exploit the vulnerabilities identified in the Reconnaissance phase (zero-day break, social engineering, phishing, hacking, etc.).

3

Maintaining Access

The attacker penetrates and obtains an initial hold on the victim's systems and network by activating the most targeted and effective "weapon" type to exploit the vulnerabilities identified in the Reconnaissance phase (zero-day break, social engineering, phishing, hacking, etc.).

4

Lateral Movement

Once an attacker has established an hold based on the victim's internal network, he/she can now deepen its lateral movement on the network by installing malwares and gaining control over organizational assets. As part of this step, the attacker actually "lives on the victim's network", studies the him and prepares the infrastructure required to carry out the attack.

5

Preforming The Attack

At this step, the attacker executes his ultimate goal and implements the attack (theft of information, deletion of data, disabling of core systems, loading of network activity, damage to organizational assets, etc.).

6

Covering Tracks

The attacker uses various techniques and tools (Log Cleanup etc.) to hide and disguise his traces on the network to hinder the investigation process.

Let's Start
2אדמה
2בנק הפועלים
AIG
AYALON-LOGO
bank-of-jerusalem
bank2
BankLeumiLogo
cal
DiscountBank
EL_AL_New_Logo
harel
ima2
IsracartNewLogo
Israel_Air_Industry
Israel_Chemicals_Ltd_Logo
Logo_Ormat_Technologies
Lumenis_Ltd_Logo_new
Marcantile
Migdal_Logo
Outbrain_Logo
perion_media_logo_1
Rashut_Sdot_Teufa
verint
Vishay
אוניברסיטת אריאל
אורבוטק
איטורו
אלטשולר שחם2
אנליסט
אקסלנס נשואה
אשטרום
ביטוח חקלאי
בנק דיסקונט
בנק ירושלים
בנק לאומי
הקרן הלאומית למדע
הראל
חיפה2
טאואר סמיקונדקטור בעמ
כלל חברה לביטוח
מיטרוניקס
מנורה מבטחים
נוירודרם בעמ
נמל אשדוד
רדווד-אינטרנשיונל-ספורטס
רשות המיסים בישראל2
רשות שדות התעופה