How Metadata and NetFlow Analysis Supports the Kill Chain Framework

In 2011, computer scientists at Lockheed Martin established a framework that defined the steps taken by bad actors as they target and attempt to breach an organization. They called the framework the intrusion kill chain (now commonly called the cyber kill chain) and it consisted of seven stages, which I will discuss below.