1st Half 2020

Threat Hunting Findings from H1 2020

Download the Report

Armed with cloud-scale telemetry of over 3 trillion endpoint events collected per week, and detailed tradecraft on 140 adversary groups, OverWatch has the unparalleled ability to see and stop the most sophisticated threats, leaving adversaries with nowhere to hide.








Crowdstrike’s OverWatch team analysed intrusions and attacks in the first half of 2020 and identified a sharp rise in potential intrusions.

More hands-on keyboard intrusions in the first half of 2020 than seen in the whole of 2019, partially due to the increase in attack surface as a result of Covid-19

All of 2019


Jan                        Apr                         Jul                             Dec                     






Cumulative Potential Intrusions Identified by Falcon OverWatch 

E-Crime attacker groups continue to dominate the culprits, with big game ransomware yielding larger rewards.

Mimikatz, Cobalt Strike and PowerShell Empire continue to be the most used pen-testing tools in attacks.

Dharma Ransomware continues to be the most commonly deployed ransomware in E-Crime attacks in H1.

So what's going on?

How are we doing this?

Saepio are always on hand to offer advice and guidance when it comes to our security decisions. They are an asset for BDO and are a pleasure to work with.


Trust is everything to us


© 2020 Saepio Solutions Ltd 
Company number 10343084 


Contact@Saepio.co.ukClick to call +44 0 1494 216 061

And this is where we come in


Saepio and Crowdstrike raise awareness of the key attacker techniques so you can better detect and respond to the threats.  Through exposure to the types of intrusions and adversary methods, and mapping them to the MITRE ATT&CK framework, we help you gain a granular understanding of how to mitigate the risks.

These                 trends present an enhanced level of security risk!


Understand in detail real world attacks seen in H1, the key techniques, intrusion types and bad actors that will continue attacking into H2

Get key recommendations from a team monitoring and defending against adversaries 24/7/365.

Register your interest in this and future events

Join us on the 22nd October for another of our EXCLUSIVE, invite only, virtually hosted events.

Cybercrime & Cocktails

Come away with a strong understanding of how to monitor and defend against similar types of attacks.


Join us on ZOOM to discuss the Report with experts from Saepio and Crowdstrike.

Use the guidance of our mixologist to create a delicious beverage or two.

Optionally schedule a 1-to-1 with an expert to talk further and walk away wiser and better connected.

You can't find what you can't see...

Learn more with our blog

by Joseph Hedegaard Ganly

Connect with me on Linkedin

Please hurry to avoid disappointment