Welcome to the December edition of the Atomic Newsletter, a monthly email in which we will summarize the updates and news about Atomic Red Team™ and its related projects such as Atomic Friday, MITRE ATT&CK®, Invoke-AtomicRedTeam, AtomicTestHarnesses, and more!

Test Showcase

Highlighting new & novel atomics

This month, the Atomic Red Team maintainers wanted to showcase a couple of noteworthy new atomic tests that caught their eye!

PR #1673:
Linux PreReq Support

First time contributor glallen gave a batch of Linux tests some much needed attention in this pull request, by cleaning up the test's prerequisite.

It is important to remember that every contribution helps make the library of tests more usable, accessible, and valuable to the entire community; and this PR is an amazing example of that kind of contribution!

SEE THE PR

T1053.006:
Scheduled Task/Job

Contributor Chris Davis added some great tests for the Scheduled Task/Job, specially for the Systemd Timers sub-technique.

An awesome example of Linux persistence, these tests demonstrate how it is possible to schedule the execution of tasks “on the fly,” without manually creating dedicated timer and service units by using systemd-run.

SEE THE PR

Run Atomic Red Team tests from the Defender Evaluation Lab!

You can now find Atomic Red Team tests in the Defender for Endpoint Evaluation Lab! Test your security controls against the most common MITRE ATT&CK techniques in just a few clicks.

Read Microsoft's blog

Video for your queue

Confidently measuring ATT&CK technique coverage by asking better questions

Atomic Red Team maintainer Matt Graeber recently gave a demo of AtomicTestHarnesses at BSides Augusta.

Watch on Youtube

Vendor Integration

LimaCharlie & Atomic Red Team!

LimaCharlie has integrated Atomic Red Team in an effort to reduce barriers to comprehensive, holistic protection—which can only be accomplished by actively testing your organization’s detection & response coverage.

Read LimaCharlie's Blog

Atomic Red Team community updates

Atomic Red Team cannot continue to be the amazing library it is without the time, effort, and contributions from the community and the project maintainers. We wanted to showcase some of the individuals who have taken the time to contribute changes and additions to Atomic Red Team!

New & top contributors in November

Top contributors:

clr2of8
glallen

Huge thanks to everyone who contributed to Atomic Red Team, and a special shout out to all of the first-time contributors:

glallen
buzzdeee
arunppsg

We are here to help!

Atomic Red Team maintainers

Meet our amazing team of maintainers, who create new tests, manage pull requests, mentor new contributors, and do so much more.

Bhavin Patel

Slack: Bhavin Patel

GitHub: patel-bhavin

Carl Petty

Slack: Carl Petty

GitHub: rc-grey

Carrie Roberts

Slack: OrOneEqualsOne

GitHub: clr2of8

Jose Hernandez

Slack: Jose Hernandez

GitHub: d1vious

Matt Graeber

Slack: mattifestation

GitHub: mattifestation

Mike Haag

Slack: Mike Haag

GitHub: MHaggis

Featured blog

Our friends at Datto wrote this nice breakdown of how they use Atomic Red Team tests for adversary simulation.

Read blog

Hands-on learning

Watch a live training brought to you by Black Hills Information Security with Carrie and Darin Roberts.

WATCH VIDEO

Join us!

Atomic Red Team depends on community contributions to increase technique coverage across platforms.

GET STARTED

Be a part of the Atomic community

Atomic Red Team is developed by a community of thousands of computer security advocates, practitioners, and enthusiasts. Come say hi on the Atomic Red Team Slack!

Join Us On Slack

©2022 Red Canary All rights reserved.
1601 19th Street, Suite 900, Denver, CO 80202
https://redcanary.com | Unsubscribe

You received this email as a promotion of Red Canary. Click to adjust your preferences.