For the second year in a row, Micah Babinski graciously translated the many detection opportunities in Red Canary’s Threat Detection Report to Sigma format.

You can find every episode of Atomics on a Friday’s series on how various red, blue, and purple team tools stack up against each other in this X thread.

This new Mythic agent from Antonio Piazza allows you to run atomic tests as part of larger purple team campaigns.

Compiled by members of Inovasys’s blue team, this emulation, detection, and intelligence (EDI, pronounced “Eddy”) repository includes Sigma files, atomic tests, and sample log files for various ATT&CK techniques.

Maintainer Mike Haag recently added an atomic test for SOAPHOUND, a tool for enumerating Active Directory environments.

Daniel Cortez wrote a blog post detailing how he conceived and formatted a new atomic test for changes to Microsoft Office templates that automatically load when the application opens.