Adversary emulation with Prelude Operator and Elastic Security

submitted by
Style Pass
2021-06-14 19:30:04

It’s no secret that organisations are up against skilled, relentless and determined adversaries. Security operations teams need to continuously test their detection capabilities by carrying out adversary emulation plans that are made up of varying tactics, techniques and procedures (TTPs) and track key metrics of their coverage in order to close any existing gaps.

There are many tools available for running adversary emulation plans and performing purple team exercises. This blog will focus on how teams can use Prelude Operator in conjunction with Elastic Security.

At Elastic, we’ve been working closely with the team at Prelude as we have a very similar mission — we want to help security teams of all skill levels, arming all analysts and red teams alike. We want to protect the world’s data from attack, giving users all they need with tools which are free and open, whilst providing absolute transparency at every stage.

Operator includes several TTPs that users can inspect, modify and adapt to their needs, all from the same intuitive interface. They are regularly updated and organised according to MITRE ATT&CK tactics and techniques, and can be immediately added to an adversary.
