How to simulate and detect attacks with the Advanced Threat Analytics Playbook

First published on CloudBlogs on Feb 23, 2017
One of the biggest pieces of feedback the Advanced Threat Analytics (ATA) team has received is a request for a clear, easy way to simulate attacks and see how ATA detects them. So that’s exactly what we did. We’ve written a playbook that contains:
  1. A step-by-step guide to simulating different techniques used in real-world advanced attack scenarios.
  2. Walk-through of a full attack campaign – From initial reconnaissance all the way to Domain Dominance.
  3. Walk-through of ATA’s detection of suspicious activities.
Download the ATA Attack Simulation Playbook . Note that not all the attacks that ATA can detect appear in the playbook. Some of ATA’s detections require a learning period. The playbook does not provide a method to simulate techniques which requires a learning period for simplicity. Let us know what you think, and suggest techniques for the next iteration of the playbook in our tech community .