With threat actors constantly evolving their tactics, it’s becoming quite clear that a given attack can take numerous forms with a slight tweak in the underlying tooling. While an exhaustive test of security controls for detecting all these variations is not possible, SpecterOps’ new purple team assessment is now offering a close second.
The new offering uses the principle of classifying the variations of attack techniques into representative test cases that organizations can test their security controls against.
“Most traditional purple team approaches underestimate the complexity of intra-technique variation, which often leads to a false sense of detection coverage,” said Jared Atkinson, chief strategist at SpecterOps. “Our approach uses a diverse set of test cases to measure true coverage.”
The two-week assessment offering, already available to SpecterOps’ customers, will also help security teams understand how adversaries modify techniques to avoid detection.
SpecterOps implements Atomic Testing
The new offering will leverage the approach pioneered by Red Canary’s Atomic Red Team project, which involves extracting individual behaviors from an attack chain in order to control the variables that affect the results of security controls.
“Atomic Testing understands that while there is a broad range of variation between attack techniques, we must not forget that there is also a wide range of variation within technique categories,” said Atkinson. “In order to address this, Atomic Testing approaches leverage numerous test cases to present multiple implementations to relevant security controls.”