YoVDO

Using Atomic Red Team to Test Endpoint Solutions

Offered By: YouTube

Tags

Conference Talks Courses Cybersecurity Courses Penetration Testing Courses Atomic Red Team Courses

Course Description

Overview

Explore the effectiveness of endpoint security solutions using Atomic Red Team in this BSidesCharm 2018 conference talk. Delve into the current state of endpoint security, its evolution, and common testing approaches like penetration testing. Learn how to build your own Red Team and leverage the MITRE ATT&CK framework. Examine specific techniques such as AppleScript exploitation and input prompt manipulation. Discover the power of chaining attacks through examples like Ranger and Dragon's Tail. Gain insights on simulating Advanced Persistent Threats (APTs) to enhance your organization's security posture.

Syllabus

Intro
Current state
How did we get here?
Gut check - How do you feel?
How do you know it's working?
Common Approach - Pen Tests
Solution? Build your own Red Team?
ATT&CK!
T1155 - AppleScript
Detection Lifecycle using Atomic
T1141 - Input Prompt (AppleScript)
Level Up: Chain Reactions
Generating a Chain Reaction
Chain Reaction: Ranger
Chain Reaction: Dragon's Tail
A note on simulating APT


Related Courses

Network Security
Georgia Institute of Technology via Udacity
Proactive Computer Security
University of Colorado System via Coursera
Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery
(ISC)² via Coursera
Hacker101
HackerOne via Independent
CNIT 127: Exploit Development
CNIT - City College of San Francisco via Independent