As organizations deploy endpoint solutions, testing them becomes imperative. Often teams don’t know how to test or choose poor testing plans. In order to conduct these tests, Red Canary's applied research team has developed a free open source framework called Atomic Red Team. The framework is designed to provide teams with small, discrete tests that are vendor agnostic and representative of actual adversary behavior.
This talk will explore the Atomic Red Team framework and demonstrate basic tests, chaining tests, and opportunities for security teams to contribute to the framework. Our aim is to put a testing framework in the hands of large and small security teams to confirm that they have the coverage needed to face modern adversaries.
@ch41_ Adam is a security practitioner, beard enthusiast, and heavy metal connoisseur. For the better part of a decade he has worked across multiple security disciplines, such as architecture design and implementation, penetration testing, security engineering, and incident handling and response. As a Technical Account Manager with Red Canary, Adam provides strategic vision and practical solutions to help organizations improve their security posture.