Posts about

Blue Team (2)

Adaptive Emulation (Part 2): Execution Methods

In part 1 of my adaptive emulation blog series, we covered how small...

A Lesson from the Okta Incident: Scaling Purple Teaming for Better Controls Validation

This week, Okta shared a postmortem for its recent incident. Much has been said...

Why is SCYTHE Building a CTI Team?

Over the course of my cybersecurity career, I’ve been fortunate to work in...

Summiting the Pyramid of Pain: The TTP Pyramid

A Special Thanks The TTP Pyramid expands David Bianco’s Pyramid of Pain. We...

Breaking Down LOLBAS Attacks With The Help Of Hunter-gatherers

A few weeks ago, while watching the Hadza: Last of the First documentary, I...

Simplifying the MITRE ATT&CK Framework

INTRODUCTION Before we get into the nitty gritty of things, I’d like to...

Blue Team Training, Assumed Breach, and Shifting Security Left

The movement to “shift security left” focuses on mitigating risk as early...

A New Paradigm for Recovery: Shifting Your Mindset

Over the last two years, it's been pretty clear that ransomware is a...

You can’t detect 0-day exploits but… you can detect what happens next

TLDR: One of the best-known ways to gain access into an organization and...