Small and highly portable detection tests based on MITRE's ATT&CK.
Atomic Red Team allows every security team to test their controls by executing simple "atomic tests" that exercise the same techniques used by adversaries (all mapped to MITRE's ATT&CK).
Atomic Red Team is a library of simple tests that every security team can execute to test their controls. Tests are focused, have few dependencies, and are defined in a structured format that can be used by automation frameworks.
Three key beliefs made up the Atomic Red Team charter:
- Teams need to be able to test everything from specific technical controls to outcomes. Our security teams do not want to operate with a “hopes and prayers” attitude toward detection. We need to know what our controls and program can detect, and what they cannot. We don’t have to detect every adversary, but we do believe in knowing our blind spots.
The best test is the one you actually run.
Join the community on Slack at https://atomicredteam.slack.com
In order to have a more open and welcoming community, Atomic Red Team adheres to a code of conduct.
See the LICENSE file.