There are many stages in the attack lifecycle in which we can detect or prevent an (advanced) attacker from getting closer to their final objectives. One thing we always come across however is that the attacker likes to persist in your environment, be it for two days, two months, or two years. It is important from a blue team perspective to understand the techniques employed by the attackers to remain in your environment for a longer period of time. In this webcast we'll look at some of the most common persistence mechanisms we see being used by a wide variety of attackers ranging from those who are involved in espionage, to the cyber criminals, and even ransomware gangs.