Advanced persistent threats pose a significant challenge for blue teams as
they apply various attacks over prolonged periods, impeding event correlation
and their detection. In this work, we leverage various diverse attack scenarios
to assess the efficacy of EDRs and other endpoint security solutions against
detecting and preventing APTs. Our results indicate that there is still a lot
of room for improvement as state of the art endpoint security systems fail to
prevent and log the bulk of the attacks that are reported in this work.
Additionally, we discuss methods to tamper with the telemetry providers of
EDRs, allowing an adversary to perform a more stealth attack.