One of the biggest pieces of feedback the Advanced Threat Analytics (ATA) team has received is a request for a clear, easy way to simulate attacks and see how ATA detects them.
So that’s exactly what we did.
We’ve written a playbook that contains:
- A step-by-step guide to simulating different techniques used in real-world advanced attack scenarios.
- Walk-through of a full attack campaign – From initial reconnaissance all the way to Domain Dominance.
- Walk-through of ATA’s detection of suspicious activities.
Note that not all the attacks that ATA can detect appear in the playbook. Some of ATA’s detections require a learning period. The playbook does not provide a method to simulate techniques which requires a learning period for simplicity.
Let us know what you think, and suggest techniques for the next iteration of the playbook in our tech community.