The MITRE ATT&CK framework is probably the most well-known framework in terms of adversary emulation and by extent, red teaming.It features numerous TTPs (Tactics, Techniques, and Procedures) and maps them to threat actors. Being familiar with this framework is not only benefiting the red team operations but the blue team operations as well! To create …
Continue reading “MITRE ATT&CK turned purple – Part 1: Hijack execution flow”
In my previous post, I promised to expand on the distinction between adversary emulation, adversary simulation, red teaming, and purple teaming, or at least how I tried to distinguish these terms in a way that made sense to me Emulation and simulation; I’ve heard both terms used interchangeably to refer to the same type of …
Continue reading “What’s in a name? Thoughts on Red Team nomenclature”
In this blog post, we will discuss a fairly new concept that has been gaining a lot of traction recently: Adversary Emulation. Adversary emulation aims to test a networkās resilience against advanced attackers or advanced persistent threats (APTs). To do so, the adversaryās tactics, techniques, and procedures (TTPs) are emulated along the cyber kill chain, …
