Q: How do we approach testing using Atomic Red Team + @MITREattack? A: Pick a technique, execute test(s), and track: 1) We have tested this 2) We have defensive telemetry 3) We detect it 4) We block it Tests: <a href="https://github.com/redcanaryco/atomic-red-team">https://github.com/redcanaryco/atomic-red-team</a> Spreadsheet: <a href="https://docs.google.com/spreadsheets/d/1tGamZ46Sd_bzqMiwgsN1HST6qDiWR6ZwaguSmX9hUSM/edit?usp=sharing">https://docs.google.com/spreadsheets/d/1tGamZ46Sd_bzqMiwgsN1HST6qDiWR6ZwaguSmX9hUSM/edit?usp=sharing</a>

Keith

@kwm

Q: How do we approach testing using Atomic Red Team + @MITREattack?

A: Pick a technique, execute test(s), and track:

1) We have tested this
2) We have defensive telemetry
3) We detect it
4) We block it

Tests: https://github.com/redcanaryco/atomic-red-team

Spreadsheet: https://docs.google.com/spreadsheets/d/1tGamZ46Sd_bzqMiwgsN1HST6qDiWR6ZwaguSmX9hUSM/edit?usp=sharing

10/30/2018, 6:37:20 AM

Favs: 109

Retweets: 39

link