The SCYTHE platform offers maximum flexibility to emulate adversary behaviors and automate your control testing and validation. SCYTHE eliminates the need to:
  • Investigate threat actor behavior
  • Build a profile of procedure-level steps to emulate the threat actor
  • Educate the Red Team on those procedures
  • Coordinate with the Red Team to execute those procedures (assuming you have a Red Team in the first place; if not, it is even harder to emulate without SCYTHE)
Unicorn Trio Cropped

#ThreatThursday posts go well beyond just the adversary emulation plan.

Most #ThreatThursday posts include some (or all) of the following:

Vector (8)
Threat actor description/ introduction
Vector (10)
Descriptions of adversary TTPs, as derived from from CTI
Emulation plan based on procedure-level intelligence
Vector (7)
Mapping of emulated procedures to MITRE ATT&CK techniques
Vector (1)-3
Detection techniques (sometimes including Sigma rules)

SCYTHE strives to publish #ThreatThursday plans once a week. Customers with access to the SCYTHE platform will benefit most from #ThreatThursday posts, but the information provided is useful to anyone interested in threat emulation, and some of it can be operationalized without any platform access.

#ThreatThursday Buzz