all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

My experience testing EDR with AtomicRedTeam

Add to bookmarks
May 3, 2023, 10:20 p.m. | /u/Lolstrooop

cybersecurity www.reddit.com

Hello everyone!

I've recently tested Crowdstrike's EDR with Atomic Red Team. Testing with this type of tool was necessary since there are some restrictions with actual Red Team exercises I could perform in my project.

I aggregated the most often seen TTPs used by Threat Actors and tested the EDR based on them. I went through each of the tests from each techniques sequentialy, assuming different stages of an attack, using the ATT&CK framework.

The majority of the tests did …

crowdstrike cybersecurity edr exercises experience hello project red team red team exercises restrictions team testing threat threat actors tool ttps

Visit resource

More from www.reddit.com / cybersecurity

A student from UTD got access to teslas by exploiting a vulnerability in a 3rd … 10 hours ago | www.reddit.com
article cybersecurity safeguard software +1
XZ has been claimed 11 hours ago | www.reddit.com
cybersecurity
US Targets China & Russia: Advanced AI Software Control 12 hours ago | www.reddit.com
advanced ai software china control +3
McAfee Warns of Surge in AsyncRAT Malware Infections in the U.S. 13 hours ago | www.reddit.com
asyncrat cybersecurity infections malware +1
SOC Work - Retail vs Financial 15 hours ago | www.reddit.com
call cybersecurity data don +13
Top cybersecurity stories for the week of 05-06-24 to 05-10-24 16 hours ago | www.reddit.com
ciso cyber cyber security cybersecurity +8
What is the best way to block access from a Windows workstation to external sites … 16 hours ago | www.reddit.com
access block can capabilities +18
Zscaler hack a honeypot 16 hours ago | www.reddit.com
breach can confirm cybersecurity +15
When Do SEGs Become Necessary for Business Email? 17 hours ago | www.reddit.com
barracuda business common sense cybersecurity +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Principal Security Research Manager

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

SOC Manager

@ Inbox Business Technologies | Islamabad, Islamabad Capital Territory, Pakistan
View on infosec-jobs.com

Cybersecurity Incident Response Program Manager (Hybrid)

@ UMB Bank | MO - Kansas City - 1010 Grand Blvd
View on infosec-jobs.com

Consultant, Cyber Risk Advisory | Remote US

@ Coalfire | United States
View on infosec-jobs.com

Cybersecurity Bid Manager

@ Alstom | Derby, GB
View on infosec-jobs.com

Cyberspace Analyst

@ Peraton | Fort Meade, MD, United States
View on infosec-jobs.com
View more jobs