Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » Generic » APT- Advanced Persistent Threat

APT- Advanced Persistent Threat

An Advanced Persistent Threat (APT) is a highly sophisticated and long-lasting cyberattack strategy. In an APT, intruders infiltrate a network covertly, aiming to steal sensitive data over an extended period while avoiding detection.

Key APT objectives:

  • APT attackers target sensitive data like credit card information, bank accounts, passport details, and more.
  • APTs may seek to disrupt an entire system, including cloud resources, by deleting crucial databases.
  • Attackers may gain control of critical websites, potentially impacting stock markets or vital services like hospitals.
  • APTs aim to access essential systems using stolen user credentials.
  • Attackers seek sensitive or incriminating information via intercepted communications.

GhostNet APT

One notable example of an APT is GhostNet. Discovered in March 2009, GhostNet is considered one of the most sophisticated APTs. While its control infrastructure was largely traced to China, the Chinese government denied involvement. 

GhostNet executed attacks by sending spear-phishing emails with malicious files, leading to Trojan horse infections. Once compromised, the attacker could remotely control the infiltrated system, allowing malware downloads and full system control.

Additional reading

Streamlining Compliance Audits With Sprinto: The Power of Automated Evidence Collection

Evidence collection process involves maintaining dozens of spreadsheets, rolling deadlines, missing data, gathering data from siloed systems, managing checklists, implementing tools, and numerous back-and-forth conversations with auditors can be chaotic and eat away at your productivity. Juggling everything at once may seem achievable until you drop one ball, and your project spirals into chaos.  Automated…

GDPR for SaaS: A Complete Guide to Compliance, Challenges, and Automation

If you’re building or scaling a SaaS product that touches EU customer data, GDPR isn’t just another box to tick, it’s a high-stakes, non-negotiable business imperative. And these stakes can be in the form of multi-million euro fines, shattered trust, and compliance roadblocks that can stall growth. Whether you’re a founder racing toward product-market fit,…

Cybersecurity Monitoring: Importance, Steps and Examples

According to a report by Forbes, data breaches have surged by over 72%. The issue? Threats are outpacing security measures in terms of evolution, and volume. In a landscape where each vulnerability can lead to an exploit, cyber security monitoring can help you assess your security posture in real-time, and help you plug gaps for…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.

Contact sales