Re: Once they've gained administrative access
No. Not at all. Once they have admin rights, they still have to evade your IDS/IPS/AV and any monitoring systems. That's what they use the VM for. What they can't hide is the memory used by their VM.
Biting the hand that feeds IT © 1998–2020