Breach and Attack Simulation, Step by Step
Step 1: The analyst determines what attack scenario they want to simulate.
Step 2: From D3, the analyst activates the assessment in AttackIQ and commands AttackIQ to run all tests.
Step 3: D3 retrieves the results of the assessment.
Step 4: The TTPs from the assessment are populated into D3’s MITRE ATT&CK Monitor Dashboard.
Step 5: 5. The analyst runs a separate playbook to remediate any vulnerabilities found in the assessment, such as by updating firewall rules or assigning tasks to other teams.
Benefits of Automated Breach and Attack Simulation
✔ Ensure You’re Ready for the Most Dangerous Adversaries
Test your controls against the exact techniques used by sophisticated adversaries in major real-world attacks, such as SunBurst.
✔ Easily Comprehend Assessment Results
D3 ingests attack simulation results just like the data from a real incident, enabling you to see how your tools did against each MITRE ATT&CK TTP in the simulated attack.
✔ Act Quickly to Close Gaps
When an attack simulation reveals a weakness in your security controls, you want to update them immediately. Using D3, analysts can quickly orchestrate the necessary changes across teams and integrated tools.
✔ Never Miss a Scheduled Assessment
With D3, you can schedule attack simulations to run automatically on a predetermined cadence, with no human intervention required.