The Cyber Kill Chain model, developed by Lockheed Martin, breaks down adversary behavior into discrete phases: reconnaissance, weaponization, delivery, exploitation, installation, command and control, and actions on objectives. Security teams use this framework to identify defensive opportunities at each stage and understand where attacks were detected or prevented. By analyzing which chain stages defenses successfully disrupted, organizations improve their security posture and incident response. For instance, a financial institution might deploy email filtering to block delivery-stage attacks and network segmentation to prevent lateral movement during the command-and-control phase.