An advanced persistent threat is a stealthy threat actor, typically a nation state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period. [[MITRE ATT&CK]] maps APTs to adversary tactics and techniques. From [[Advanced Penetration Testing (highlights)]]: > I want to show how conventional penetration testing is next to useless when attempting to protect organizations against a targeted APT attack. Only by going beyond the stagnant nature of contemporary penetration testing methodologies can this hope to be achieved. Potential adversaries today include organized crime and nation states—it's worth pointing out that foreign intelligence agencies (of any nation) are heavily invested in industrial espionage, and not just against hostile nations.