As organizations deploy endpoint solutions, testing them becomes imperative. Often teams don’t know how to test or choose poor testing plans. In order to conduct these tests, Red Canary's applied research team has developed a free open source framework called Atomic Red Team. The framework is designed to provide teams with small, discrete tests that are vendor agnostic and representative of actual adversary behavior.
This talk will explore the Atomic Red Team framework and demonstrate basic tests, chaining tests, and opportunities for security teams to contribute to the framework. Our aim is to put a testing framework in the hands of large and small security teams to confirm that they have the coverage needed to face modern adversaries.