APT: Advanced Persistent Threat
Acronym Series

Written by: Allyn Crowe, Principal Security Engineer
Connect with Allyn on LinkedIn

In our Acronym Series, Nexum’s expert engineers define the industry’s most popular topics.

Acronym: APT – Advanced Persistent Threat

Definition: An APT is a threat actor with both significant resources and skill that engages in a prolonged attack against a target.


APTs have a variety of similar definitions depending on which resource you look at. But the key elements are skills and resources (the “Advanced” part), dedication to the attack (the “Persistent” part), and the attack (the “Threat” part). In the realm of information security, the term originated from the United States Air Force in 2006. It was developed to be an unclassified term for referring to nation-state sponsored attackers.

Within enterprise environments, the start of the APT was in January 2010, with the disclosure from Google that a sophisticated attack had targeted the company. These days the term has expanded to refer to any group that is resourced, skilled, and dedicated to attacking a target. There are multiple APT lists from different information security firms and vendors.

Ultimately, the key to an APT is that it’s not just some script kiddie who found an open port on a website. These threat actors are skilled, dedicated, and in it for the long term. Whether the goal of the APT is for corporate espionage, hacktivism, or terrorism, companies must be vigilant against APTs. 


Check Out More Resources

Nexum Resources

Enterprise Logging Best Practices

Each quarter, the managed security team at Nexum shares insights from our first*defense SNOCC. In this post, we decided to share some general logging best practices that are likely to benefit every organization.

Read More »