Published : Feb 4, 2021
The Adversary Emulation Library is a freely available resource to help red teams and other cyber defenders systematically test their defenses based on real-world adversary TTPs. Each adversary emulation plan is rooted in intelligence reports and other artifacts that capture and describe breaches and campaigns publicly attributed to a specific named threat actor. We research and model each threat actor, focusing not only on what they do but also how and when. We then develop emulation content that mimics the underlying behaviors utilized by the threat actor. This approach results in nuanced emulation plans, each capturing unique scenarios and perspectives that we can leverage as threat-informed defenders.
Stay informed about new releases of R&D projects and other exciting updates from the Center for Threat-Informed Defense.