Threatest - Threatest Is A Go Framework For End-To-End Testing Threat Detection Rules
KitPloit - PenTest Tools! www.kitploit.com
Threatest is a Go framework for testing threat detection end-to-end.
Threatest allows you to detonate an attack technique, and verify that the alert you expect was generated in your favorite security platform.
Read the announcement blog post: https://securitylabs.datadoghq.com/articles/threatest-end-to-end-testing-threat-detection/
Concepts
Detonators
A detonator describes how and where an attack technique is executed.
Supported detonators:
- Local command execution
- SSH command execution
- Stratus Red Team
- AWS detonator
Alert matchers
An alert matcher is a platform-specific integration that can check if an expected alert …