Red Team Automation: A new open source toolkit presented at BSidesChicago 2018

by Devon Kerr

Summary: Validating defensive coverage against the range of adversarial behavior – including malware and malware-less behavior – is increasingly difficult and time-consuming. Red Team Automation (RTA), an open source toolkit, was designed to enable researchers and organizations to test and validate detection and prevention against adversary behaviors as detailed in MITRE’s ATT&CK matrix. Each script maps directly to an adversary behavior within ATT&CK and provides an easy-to-use, repeatable methodology for defensive assessments. Designed as a tool for and by the community, RTA welcomes community engagement and additional contributions to accelerate the assessment process and highlight gaps in coverage.