- This event has passed.
Membership Meeting 1/27/2021
January 27, 2021 @ 5:00 PM - 7:30 PM
Chapter Business Meeting Slides: 2021-01-27 Membership Meeting
Speaker Slides: 2021-01-27 Red Canary Threat Detection ReportTBD
MITRE ATT&CK home page: https://attack.mitre.org/
Github repo of Atomic Red Team: https://github.com/redcanaryco/atomic-red-team
Github Repo for Atomic Red Team execution fraemwork, Invoke-Atomic: https://github.com/redcanaryco/invoke-atomicredteam
Github repo for variation testing tool, AtomicTestHarnesses: https://github.com/redcanaryco/AtomicTestHarnesses
Installation wiki for Invoke-Atomic: https://github.com/redcanaryco/invoke-atomicredteam/wiki
Invoke-Atomic video tutorials: https://www.youtube.com/watch?v=-HEx-qfd54M&list=PL92eUXSF717W9TCfZzLca6DmlFXFIu8p6
About Atomic Red Team: https://github.com/redcanaryco/atomic-red-team/wiki/About-Atomic-Red-Team
Atomic Red Team microsite: https://atomicredteam.io/
Atomic Red Team Slack: https://slack.atomicredteam.io/
Atomic Test Harnesses Blog series:
Pt. 1: https://redcanary.com/blog/introducing-atomictestharnesses/
Pt. 2: https://redcanary.com/blog/threat-research-questions/
2020 Threat Detection Report: https://redcanary.com/threat-detection-report/introduction/
Previewing the 2021 Threat Detection Report: https://redcanary.com/blog/2021-threat-detection-report-preview/
Someone asked about the difference between Caldera and Atomic Red Team: https://redcanary.com/blog/comparing-red-team-platforms/
Here’s some information on mapping to ATT&CK (both on the context of Atomic Red Team and in the context of behavioral analytics): https://redcanary.com/blog/mitre-sub-techniques/
Topic: Simulating Adversary Tradecraft with Atomic Red Team and the Red Canary Threat Detection Report
We plan to discuss two important resources that leading teams are using to improve their security:
- 2020 Threat Detection Report: Red Canary’s annual in-depth analysis of of the top techniques for tens of thousands of threats seen in the wild. For each technique, we include detection, prevention, and testing strategies.
- Atomic Red Team: An open-source tool mapped to ATT&CK techniques valuable for benignly simulating specific adversary behaviors
Speaker: Brian Donohue, Red Canary
Brian has been writing about and researching information security for the last decade. He started his career as a journalist covering security and privacy. He later consulted as a threat intelligence analyst, researching adversaries and techniques for a variety of major banks, retailers, and manufacturers. At Red Canary, Brian helps guide research publication and technical messaging efforts.