This new AI evaluation framework leverages the full Atomic Red Team library to test the ability of large language models (LLMs) to generate cybersecurity detection rules. Using 188 different test scenarios, KQL Benchmark sees how different AI models—GPT-4.1, Gemini 2.5 Flash, etc.—perform.

Cybersecurity student Ziad Okka (0xZetss on Medium) blogs about a blue/purple team SOC lab he built using open-source tools. It's designed to simulate, detect, and respond to real-world attacks using Atomic for technique evasion, Sysmon for Windows event logging, and Wazuh for log analysis. 

In this blog, Sebastian Kandler, who heads a cyber defense and SOC team, walks readers through how to simulate a typical ransomware infection path using tools like Atomic Red Team—he talks about using techniques to run LSASS dumps, SAM extraction, and token impersonation—and Invoke-AtomicAssessment. 

Ransomware is always evolving. Join this upcoming webinar to learn how to detect pre-ransomware activity quickly, mitigate it throughout the intrusion chain, and limit its potential impact.