Overview
Learn how to use Atomic Red Team, a free, open-source library, to run attack simulations and validate security controls in this 38-minute conference talk from BSidesCharm 2024. Discover the fundamentals of purple teaming and how to evaluate the performance of SecOps teams, SOC teams, and security service providers through practical demonstrations. Learn to set up a lab environment suitable for both students and development teams, and explore attack simulations including local and domain account creation, process injection techniques, and credential harvesting. Follow along with recorded demos of Atomic Red simulations that map to the MITRE ATT&CK framework, and gain insights into improving organizational detection and response capabilities. Presented by Jason Wright, a Senior Security Engineer at Convera and Adjunct Faculty member at Chesapeake Community College, who brings over a decade of cybersecurity experience across critical supply chain and financial sectors.
Syllabus
BSidesCharm 2024 - Purple Teaming 301 – Free Attack Simulation and Control Validation via Atomic Red
Taught by
BSidesCharm