Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Becoming a Dark Knight: Adversary Emulation Demonstration for ATT&CK Evaluations

Ekoparty Security Conference via YouTube

Overview

Explore adversary emulation techniques in this 55-minute conference talk from Ekoparty Security Conference. Learn how the MITRE ATT&CK Evaluations team improves cybersecurity by studying advanced threat actors, developing scenarios, and executing operations against major EDR vendors. Discover the process of merging cyber threat intelligence (CTI) and red team development capabilities, using a Latin American APT as an example. Follow along as speakers demonstrate evaluating technical reports, building scenarios, creating CTI diagrams, and addressing data gaps. Gain insights into the collaboration between CTI and red teams, including malware development, tool creation, and infrastructure setup. Understand the implementation of techniques like process injection, persistence, hands-on-keyboard discovery, and lateral movement. Learn how to launch attacks, analyze defender responses, and uncover attack patterns. Access publicly released code, research, and emulation plans to enhance your own defensive strategies using the "become the villain" methodology.

Syllabus

Becoming a Dark Knight: Adversary Emulation Demonstration for ATT&CK Evaluations -K. Esprit/ C. Self

Taught by

Ekoparty Security Conference

Reviews

Start your review of Becoming a Dark Knight: Adversary Emulation Demonstration for ATT&CK Evaluations

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.