A true advanced threat is a “who”, not a “how.” All too often we equate an advanced threat with the new 0-day exploit or targeted malware, but these are not the threats; they are the tactics of the attacker.
Security vendors have pulled the perfect long con on the world by convincing us that Advanced Threat Defense (ATD) is about malware, spear phishing, or browser exploits, while ignoring the fact that at the other end of that spear phish is someone with a propensity to break into your network in any way possible. Are we to believe that because advanced malware vendors may detect a new browser exploit, they have actually stopped the attacker from accessing your network? No. True advanced threats, the people who want your data, will pound and pound on the door until they knock it off the hinges. Of course, these niche Advanced Tactic Detection (ATD) products have a place in trying to detect a portion of the attempts to breach the network. What is really core to the defense against advanced threats is the ability to find them in your network.