Adversary Emulation Library
0
Free
In collaboration with Center Participants, the Center for Threat-Informed Defense (Center) maintains a library of adversary emulation plans to allow organizations to evaluate their defensive capabilities against real-world threats. Emulation plans are an essential component in testing current defenses for organizations that are looking to prioritize their defenses around actual adversary behavior. The library contains two types of adversary emulation plans: full emulation and micro emulation. Full emulation plans are a comprehensive approach to emulating a specific adversary, e.g. FIN6, from initial access to exfiltration. These plans emulate a wide range of ATT&CK tactics & techniques and are designed to emulate a real breach from the designated adversary. Micro emulation plans are a focused approach to emulating compound behaviors seen across multiple adversaries, e.g. webshells.
FEATURES
The author has not provided features for this tool yet. If you are the author, please sign in or claim the tool to add features by clicking the icon above.
ALTERNATIVES
A curated list of resources for learning about deploying, managing, and hunting with Microsoft Sysmon.
A daily collection of IOCs from various sources, including articles and tweets.
A visualization tool for threat analysis that organizes APT campaign information and visualizes relations of IOC.
A cybersecurity tool with online demo, mailing list, and multiple installation methods.
A framework for managing cyber threat intelligence in structured formats.
Provides indicators of compromise (IOCs) to combat malware with Yara and Snort rules.
Tool for dataviz and statistical analysis of threat intelligence feeds, presented in cybersecurity conferences for measuring IQ of threat intelligence feeds.
A tool for quick and effective Yara rule creation to isolate malware families and malicious objects.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Free
Security Operations
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Free
Blogs and News
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.
Commercial
AI Security