In cybersecurity, which action describes pivoting?

Pivoting in cybersecurity refers specifically to the technique of exploiting an initial breach or foothold in a network to gain access to other systems or networks. Once an attacker successfully compromises one device or system, they can leverage that access to move laterally through the network or even access more sensitive systems that may not have been directly compromised. This is often a calculated step in an overall attack strategy, allowing bad actors to extend their reach and capabilities within the compromised environment.

The other actions listed do not align with the definition of pivoting. Shifting focus to a new software platform is unrelated to network compromises. Searching for vulnerabilities in a server might be a preliminary step but does not involve using an existing breach to access more systems. Backing up data to a secure location is a protective measure, not an offensive action to gain further access after an initial compromise. Thus, the correct understanding of pivoting highlights its role in expanding an attack's scope beyond the initially compromised system.