Security Testing is an ART… and Science

Presenter: Alexander Lawrence
Room: Ballroom, EMU 244, Level 2
Presentation: Security Testing is an ART… and Science
Time: 01:15p – 01:45p

Cloud-native environments pose a number of unique challenges that make threat detection exceptionally complex; however, tools like Atomic Red Team (ART) (https://github.com/redcanaryco/atomic-red-team) enable you to test your detection framework. ART is a collection of tests mapped to the MITRE ATT&CK framework that allow security teams to run standard tests across their environments. While the tests are extremely comprehensive, not all of them apply directly to cloud-native environments, so jumping in as a beginner can be daunting. In this talk, Puneet and Alex will discuss what to do when an ART test doesn’t map 1:1 in the cloud, the relevant MITRE tactics you should be applying, and the tough detection and remediation design choices you will have to make.