micro_emulation_plans: This collection expands the impact of the Adversary Emulation Library by developing easy-to-execute adversary emulation content that targets specific behaviors and challenges facing defenders

Micro Emulation Plans

This collection expands the impact of the Adversary Emulation Library by developing easy-to-execute adversary emulation content that targets specific behaviors and challenges facing defenders. Rather than modeling full-scope breach scenarios, these micro emulation plans focus on smaller, more specific combinations of techniques. (We call these short sequences “compound behaviors” because they involve more than one adversary technique.) The plans produce signals similar to …

Read More

Previous articleDetecting LSASS dumping with debug privilegesNext articleOpen Cybersecurity Schema Framework – we have too many schemas, what we need is… another schema

Read more

Explore the site

More from the blog

Latest News