changed url to avoid 404 (#259)
This commit is contained in:
keyabird
@@ -4,33 +4,33 @@
|
||||
[](https://circleci.com/gh/redcanaryco/atomic-red-team)
|
||||
|
||||
Atomic Red Team allows every security team to test their controls by executing simple
|
||||
"atomic tests" that exercise the same techniques used by adversaries (all mapped to
|
||||
"atomic tests" that exercise the same techniques used by adversaries (all mapped to
|
||||
[Mitre's ATT&CK](https://attack.mitre.org/wiki/Main_Page)).
|
||||
|
||||
## Philosophy
|
||||
|
||||
Atomic Red Team is a library of simple tests that every security team can execute to test their controls. Tests are
|
||||
focused, have few dependencies, and are defined in a structured format that be used by automation frameworks.
|
||||
focused, have few dependencies, and are defined in a structured format that be used by automation frameworks.
|
||||
|
||||
Three key beliefs made up the Atomic Red Team charter:
|
||||
- **Teams need to be able to test everything from specific technical controls to outcomes.**
|
||||
Our security teams do not want to operate with a “hopes and prayers” attitude toward detection. We need to know
|
||||
what our controls and program can detect, and what it cannot. We don’t have to detect every adversary, but we
|
||||
Our security teams do not want to operate with a “hopes and prayers” attitude toward detection. We need to know
|
||||
what our controls and program can detect, and what it cannot. We don’t have to detect every adversary, but we
|
||||
do believe in knowing our blind spots.
|
||||
|
||||
- **We should be able to run a test in less than five minutes.**
|
||||
Most security tests and automation tools take a tremendous amount of time to install, configure, and execute.
|
||||
We coined the term "atomic tests" because we felt there was a simple way to decompose tests so most could be
|
||||
Most security tests and automation tools take a tremendous amount of time to install, configure, and execute.
|
||||
We coined the term "atomic tests" because we felt there was a simple way to decompose tests so most could be
|
||||
run in a few minutes.
|
||||
|
||||
The best test is the one you actually run.
|
||||
|
||||
- **We need to keep learning how adversaries are operating.**
|
||||
Most security teams don’t have the benefit of seeing a wide variety of adversary types and techniques crossing
|
||||
their desk every day. Even we at Red Canary only come across a fraction of the possible techniques being used,
|
||||
Most security teams don’t have the benefit of seeing a wide variety of adversary types and techniques crossing
|
||||
their desk every day. Even we at Red Canary only come across a fraction of the possible techniques being used,
|
||||
which makes the community working together essential to making us all better.
|
||||
|
||||
See: https://atomicredteam.io/philosophy
|
||||
See: https://atomicredteam.io
|
||||
|
||||
## Having trouble?
|
||||
|
||||
@@ -57,4 +57,4 @@ In order to have a more open and welcoming community, Atomic Red Team adheres to
|
||||
|
||||
## License
|
||||
|
||||
See the [LICENSE](https://github.com/redcanaryco/atomic-red-team/blob/master/LICENSE.txt) file.
|
||||
See the [LICENSE](https://github.com/redcanaryco/atomic-red-team/blob/master/LICENSE.txt) file.
|
||||
|
||||
Reference in New Issue
Block a user