Adversary simulation with USM Anywhere

By Fernando Martinez and Javier Ruiz of AT&T Alien Labs.
In our previous blog, we analyzed how it is possible to map malware threats using the MITRE ATT&CK™ framework. In this blog, we will test the USM Anywhere platform against red team techniques and adversary simulations. We performed this analysis as part of our continuous efforts to improve the platform’s detection effectiveness.
There are numerous frameworks that can help you simulate the actions that a red team would perform in a post-compromise situation – as well as techniques associated with particular APT groups. These frameworks allow you to simulate malicious activities at an enterprise level, without actually infecting any systems. They just generate enough activity to validate defensive telemetry and test incident response plans and playbooks.
When running scenarios, we will cover a wide variety of techniques using the new MITRE ATT…

Posted by: Fernando Martinez

Read full post

       

The post Adversary simulation with USM Anywhere appeared first on Cybersecurity Insiders.

July 03, 2019 at 09:09AM

Posted in: Cyber Security, Cybersecurity Insiders, Hacking, Hacking Articles, Hacking News, Security