Red Canary
Atomic Red Team
Surveyor
Start securing your endpoints today
Learn more about the security capabilities that can help you defend against today’s advanced threats.

Request a Demo

Problems We Solve
Featured Case Study

5 Reasons Organizations Outsource Security to Red Canary

READ MORE

Resource Center
Topics
Tools
Latest Resource

EDR Buyer’s Guide: 15 Questions to Answer

READ MORE

About Red Canary
Connect
Start securing your endpoints today
Learn more about the security capabilities that can help you defend against today’s advanced threats.

Request a Demo

OPEN SOURCE TOOL

Atomic Red Team

Atomic Red Team is an open source collection of small, highly portable tests mapped to the corresponding techniques in the MITRE ATT&CK framework. These tests can be used to validate detection and response technology and processes.

Get the Repo

Browse popular Atomic Red Team resources below to learn more.

Upcoming Events

Don’t miss our next training!

Sign up to be invited to our next Atomic Red Team training. Our research team holds regular sessions to demonstrate how to use Atomic Red Team across a variety of use cases and organizations.

  • Hands-on trainings with Casey Smith, Michael Haag, and other researchers from the Atomic Red Team community
  • Share feedback, questions, and contributions to the testing framework
  • Learn how to build and validate detection capabilities and create chain reactions
Sign up for the next session:

Atomic Red Team Videos

VIDEO

How to Use Atomic Red Team Tests

Atomic Red Team is a suite of small, highly portable detection tests mapped to the MITRE ATT&CK™ Framework. Watch this video to learn how to test security controls against specific attack scenarios, identify gaps in prevention or detection, and use EDR data to quickly detect behaviors previously missed.

 
 

VIDEO

Lab 1 – Regsvr32 to Check Detection and Logging
 
 

VIDEO

Lab 2 – Chain Reaction, Using Multiple Commands
 
 

VIDEO

Lab 3 – Measure Progress and Impact
 
 

ON-DEMAND TRAINING

Testing Your Defenses on MacOS and Linux
 
 

ON-DEMAND TRAINING

Proving Grounds: How to Build Chain Reactions

Atomic Red Team Articles

BLOG

An Introduction

An introduction to Atomic Red Team Tests with a mapping to the MITRE ATT&CK Framework. We cover the major test phases: execution, evidence collection, and detection.

 
 

BLOG

How to Test with the Atomic Red Team
 
 

BLOG

The Dragon’s Tail
 
 

BLOG

Testing Detection and Prevention Tools With Atomic Red Team “Chain Reactions”

Testing with Atomic Red Team is quite possibly the most important thing you can do this year. What can you detect?

John Strand Black Hills Information Security

Join the world’s leading defenders who trust us to secure their businesses

Schedule a Demo