logo
        • Who We Are
        • Learn more about MITRE Engenuity’s journey as a hub for transformative innovation.

        • How We Engage
        • We forge innovative partnerships to generate whole-of-nation solutions to complex technological problems.

        • Contact Us
        • Connect with a member of the MITRE Engenuity team and ensure your inquiry gets to the right people.

        • Cybersecurity
        • We are relentlessly advancing the art of threat-informed defense, anchored by a belief that we can improve our defenses with a systemic application of a deep understanding of adversary tradecraft and technology.

        • ATT&CK Evaluations
        • We offer objective analysis of cyber products and features – see our latest results.

        • Center for Threat-Informed Defense
        • Read more about the cutting-edge research and development being done with input from our participant organizations, featuring some of the top security operations centers.

        • Developing tomorrow's cyber workforce today.
        • News & Insights
        • We are leading the leading edge of innovation. Explore the latest news, insights, R&D, and special projects from our advanced tech experts and partners.

        • Subscribe to Our Newsletters
        • Our tech foundation is addressing the complex problems that face our nation today. Find out how you can join our efforts as we spur innovation for public good.

          Subscribe

Behind the Attack: Juliana Testa

The ATT&CK Evaluations (Evals) team are a group of dedicated cybersecurity professionals with multiple decades of combined experience. Get to know Juliana Testa, an Execution Coordinator & Threat Hunter on the Evals Execution team and one of the minds behind executing emulations.

Juliana Testa


What is your role on the team?

As a member of the Execution Team, I coordinate with participants to ensure a seamless evaluation process. I am trained on their threat hunting platforms and collaborate with our Red Team Operators to identify indicators of compromise (IOCs) corresponding to the tactics, techniques, and procedures (TTPs) of the developed scenarios and malware.

What’s an interesting trend in Cybersecurity?

I find random number generation (RNG) in cybersecurity and cryptography to be absolutely fascinating. If you haven’t looked into it, I highly recommend it. The process of creating truly random numbers for cryptography involves using unreproducible phenomena as seeds, like atmospheric noise, hardware entropy, or, in the case of Cloudflare, lava lamps. Random seed production is an critical part of sustaining strong encryption and it requires us to take a step past statistically random and into the realm of wholly unpredictable.

When I’m not diving into malware or teaching about SIEMs, you can catch me competing in sailing championships both nationally and internationally.

Interested in connecting with Juliana? Follow her on LinkedIn