James Fitts, Chris Fennel (Walmart)

Red Team campaigns simulate real adversaries and provide real value to the organization by exposing vulnerable infrastructure and processes that need to be improved. The challenge is that as organizations scale in size, time between campaign retesting increases. This can lead to gaps in ensuring coverage and finding emerging issues. Automation and simulation of adversarial attacks can be created to address the scale problem. Collecting libraries of Tactics, Techniques and Procedures (TTPs) and testing them via adversarial emulation software. Unfortunately, automation lacks feedback and cannot analyze the data in real time with each test.

To address this problem, we introduce RAMPART (Repeated And Measured Post Access Red Teaming). RAMPART campaigns are very quick campaigns (1 day) meant to bridge the gap between the automation of Red Team simulations and full blown Red Team campaigns. The speed of these campaigns comes from pre-built playbooks backed by Cyber Threat Intelligence (CTI) research. This approach enables a level of freedom to make decisions based on the data the red team analyst sees from their tooling and allows testing further in the attack chain to test detections that could be missed otherwise.

View More Papers

VPN Awareness and Misconceptions: A Comparative Study in Canadian...

Lachlan Moore, Tatsuya Mori (Waseda University, NICT)

Read More

Designing and Evaluating a Testbed for the Matter Protocol:...

Ravindra Mangar (Dartmouth College) Jingyu Qian (University of Illinois), Wondimu Zegeye (Morgan State University), Abdulrahman AlRabah, Ben Civjan, Shalni Sundram, Sam Yuan, Carl A. Gunter (University of Illinois), Mounib Khanafer (American University of Kuwait), Kevin Kornegay (Morgan State University), Timothy J. Pierson, David Kotz (Dartmouth College)

Read More

The Impact of Workload on Phishing Susceptibility: An Experiment

Sijie Zhuo (University of Auckland), Robert Biddle (University of Auckland and Carleton University, Ottawa), Lucas Betts, Nalin Asanka Gamagedara Arachchilage, Yun Sing Koh, Danielle Lottridge, Giovanni Russello (University of Auckland)

Read More

Securing Automotive Software Supply Chains (Long)

Marina Moore, Aditya Sirish A Yelgundhalli (New York University), Justin Cappos (NYU)

Read More