The Red Canary Threat Research team has been hard at work on a new open source project called AtomicTestHarnesses.
Assessing and testing detection coverage with confidence is challenging on its own, but it’s particularly difficult if you are unable to account for all the variations of a given technique. This is exactly the problem we’ve set out to solve with AtomicTestHarnesses. An atomic test is great for testing a specific procedure, but even with properly designed input arguments, it may be insufficient to exercise all known variations of an attack technique. AtomicTestHarnesses aims to mitigate this problem by giving users the flexibility to exercise a large breadth of attack technique variations. This functionality can also be incorporated into Atomic tests, drastically reducing the complexity of test code.
Sign up below to watch maintainers Matt Graeber and Michael Haag walk through this game-changing tool.