Detective Controls

Sep 25
Using Att&ck and Atomic Red Team to Detect MSBuild Abuse (Part 2)

Following on from part 1 [https://www.blueteambriefing.com/using-att-ck-and-atomic-red-team-to-detect-msbuild-abuse-part-1-2/] where we used Mitre Att&ck and Atomic Red
5 min read
Sep 25
Using Att&ck and Atomic Red Team to Detect MSBuild Abuse (Part 1)

Creating SIEM use cases for any organisation can be a daunting task. The increasing number of advanced (and not so
8 min read