Writing Better Security Exclusions With EER

Last week at Wild West Hackin’ Fest, I released a model to help teams...

Easy LOLBAS Wins for Purple Teams

What Are LOLBINS/LOLBAS? Living Off the Land Binaries and Scripts (LOLBAS) is...

Actionable Purple Teaming: Why and How You Can (and Should) Go Purple

Adaptive Emulation (Part 2): Execution Methods

‍ In part 1 of my adaptive emulation blog series, we covered how small...

A Lesson from the Okta Incident: Scaling Purple Teaming for Better Controls Validation

This week, Okta shared a postmortem for its recent incident. Much has been said...

Building an Internal Red Team? Go Purple first

I was chatting with a SANS STI student, Antonio Piazza, on Twitter and we...

Summiting the Pyramid of Pain: The TTP Pyramid

A Special Thanks The TTP Pyramid expands David Bianco’s Pyramid of Pain. We...

Breaking Down LOLBAS Attacks With The Help Of Hunter-gatherers

A few weeks ago , while watching the Hadza: Last of the First documentary, I...

Simplifying the MITRE ATT&CK Framework

INTRODUCTION Before we get into the nitty gritty of things, I’d like to...