RedEye
RedEye is a visual analytic tool for enhancing Red and Blue Team operations.
In collaboration with Center Participants, the Center for Threat-Informed Defense (Center) maintains a library of adversary emulation plans to allow organizations to evaluate their defensive capabilities against real-world threats. Emulation plans are an essential component in testing current defenses for organizations that are looking to prioritize their defenses around actual adversary behavior. The library contains two types of adversary emulation plans: full emulation and micro emulation. Full emulation plans are a comprehensive approach to emulating a specific adversary, e.g. FIN6, from initial access to exfiltration. These plans emulate a wide range of ATT&CK tactics & techniques and are designed to emulate a real breach from the designated adversary. Micro emulation plans are a focused approach to emulating compound behaviors seen across multiple adversaries, e.g. webshells.
An informational repo about hunting for adversaries in your IT environment.
FraudGuard is a service that provides real-time internet traffic analysis and IP tracking to help validate usage and prevent fraud.
Repository with projects for photo and video hashing, content moderation, and signal exchange.
HoneyDB is a honeypot-based threat intelligence platform that provides real-time insights into attacker behavior and malicious activity on networks.
The FASTEST Way to Consume Threat Intelligence and make it actionable.