Introducing AtomicTestHarnesses

OCTOBER 30, 2020 | 11:00 AM MT    


The Red Canary Threat Research team has been hard at work on a new open source project called AtomicTestHarnesses.

Assessing and testing detection coverage with confidence is challenging on its own, but it’s particularly difficult if you are unable to account for all the variations of a given technique. This is exactly the problem we’ve set out to solve with AtomicTestHarnesses. An atomic test is great for testing a specific procedure, but even with properly designed input arguments, it may be insufficient to exercise all known variations of an attack technique. AtomicTestHarnesses aims to mitigate this problem by giving users the flexibility to exercise a large breadth of attack technique variations. This functionality can also be incorporated into Atomic tests, drastically reducing the complexity of test code.

Sign up below to watch maintainers Matt Graeber and Michael Haag walk through this game-changing tool.


This informal discussion will cover:

  • The subtle variations in the ways that an adversary might execute a given attack technique
  • The challenge of accounting for a multitude of technique variation scenarios in atomic tests without drastically increasing complexity
  • How executing AtomicTestHarnesses can help you better assess the scope of your detection coverage with confidence