Secure and protect infrastructure

An adversary may secure and protect their infrastructure just as defenders do. This could include the use of VPNs, security software, logging and monitoring, passwords, or other defensive measures. [1]

ID: T1317
Sub-techniques: No sub-techniques
Tactic: Adversary Opsec
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018

Detection

Detectable by Common Defenses (Yes/No/Partial): No

Explanation: Indistinguishable from standard security practices employed by legitimate operators.

Difficulty for the Adversary

Easy for the Adversary (Yes/No): Yes

Explanation: The adversary benefits from our own advances, techniques, and software when securing and protecting their own development infrastructure.

References

  1. Brian Krebs. (2014, August 4). Chinese VPN Service as Attack Platform? Retrieved March 6, 2017.