Start securing your endpoints today
Learn more about the security capabilities that can help you defend against today’s advanced threats.

Request a Demo

Featured Case Study

5 Reasons Organizations Outsource Security to Red Canary

OPEN SOURCE TOOL

Atomic Red Team

Atomic Red Team is an open source collection of small, highly portable tests mapped to the corresponding techniques in the MITRE ATT&CK framework. These tests can be used to validate detection and response technology and processes.

Browse popular Atomic Red Team resources below to learn more.

Upcoming Events

Automating Atomic Red Team: How to Scale and Improve Testing

Atomic Red Team is known for being the easiest way to quickly run small, atomic security tests against your program. Those easy-to-use markdown docs are still front and center (and now include content from the new ATT&CK APIs!) — but the underlying skeleton is now defined in the YAML format. This means it’s easier for you to build on top of the framework and use automation tools to execute tests and check results.

Join us on June 19th for an exclusive first look at the new bones of Atomic Red Team to learn: 

  • How the repository is structured and why we chose YAML
  • Ways you can contribute to the framework
  • How we validate the new techniques

Sign up for the next webcast:
June 19th | 1pm ET

Atomic Red Team Videos

VIDEO

How to Use Atomic Red Team Tests

Atomic Red Team is a suite of small, highly portable detection tests mapped to the MITRE ATT&CK™ Framework. Watch this video to learn how to test security controls against specific attack scenarios, identify gaps in prevention or detection, and use EDR data to quickly detect behaviors previously missed.

 
 

VIDEO

Lab 1 – Regsvr32 to Check Detection and Logging
 
 

VIDEO

Lab 2 – Chain Reaction, Using Multiple Commands
 
 

VIDEO

Lab 3 – Measure Progress and Impact
 
 

ON-DEMAND TRAINING

Testing Your Defenses on MacOS and Linux
 
 

ON-DEMAND TRAINING

Proving Grounds: How to Build Chain Reactions

Atomic Red Team Articles

BLOG

An Introduction

An introduction to Atomic Red Team Tests with a mapping to the MITRE ATT&CK Framework. We cover the major test phases: execution, evidence collection, and detection.

 
 

BLOG

How to Test with the Atomic Red Team
 
 

BLOG

The Dragon’s Tail
 
 

BLOG

Testing Detection and Prevention Tools With Atomic Red Team “Chain Reactions”

Testing with Atomic Red Team is quite possibly the most important thing you can do this year. What can you detect?

John Strand, Black Hills Information Security