Adversary Emulation with Elastic Security

James Spiteri

Director, product management, security

Elastic

Nic Palmer

Principle Solutions Architect, EMEA

Elastic

Matt Bromiley

SANS Certified Instructor

SANS

The practice of running Adversary Emulation engagement exercises is becoming more widely adopted within modern security teams. The collaborative effort of Purple Teaming can help security professionals improve their skills as they leverage emulation tactics and detection/prevention methods to better understand how threat actors might successfully compromise hosts, networks and other enterprise services.

Adversary Emulation goes well beyond testing whether preventive controls are implemented. Through emulation exercises, teams can gain real-world insight into different ways of detecting and responding to adversaries tactics and techniques through practical emulation and analysis while also practicing appropriate incident response methodology. Teams learn to better recognize when certain behaviors might signal malicious intent or capability, applied within a methodical framework such as MITRE ATT&CK®.

Join this webinar to learn more about the basic principles of using Elastic Security in conjunction with various emulation r tools and techniques to optimize how your Blue and Red Teams collaborate to bolster your detection and response programs.