2023 Active Adversary Report for Security Practitioners

The remarkable decline in attacker dwell time is now well-documented, but what does that mean for those doing the hands-on work of infosecurity?

Unlike business leaders or tech leaders, practitioners are focused on finer details and actionable intelligence with which to protect the organization.

Among the roles commonly handled by practitioners, threat hunters do the forward-facing work that, when done well, ensures the organization sees around corners when it needs to. And responders look backward to understand what happened on systems in crisis even as they scramble to get the situation back under control, and prevent similar outcomes in the future.

In this report on the latest active adversaries, deep dive into what Sophos X-Ops’ Incident Response Team has learned about the current adversary landscape from tackling security crises around the world.