How it Works: NetSPI’s AttackSim Technology

NetSPI’s MITRE ATT&CK simulation is a tech-enabled service powered by a sophisticated breach and attack simulation platform. The platform is comprised of pre-built plays that align directly with TTPs seen in real-world attack scenarios, including combinations of ransomware and MITRE ATT&CK playbooks.

NetSPI enables you to leverage the web application to deliver and orchestrate the plays in your environment, in collaboration with our expert security consultants. You’ll leave the assessment with a baseline understanding of your detective controls and access to the attack simulation platform to help you refine detections and address gaps after the engagement is over.


What’s Included in MITRE ATT&CK for Enterprises?

MITRE ATT&CK is a knowledge base of adversary behavior and classification for adversarial actions across their lifecycle. ATT&CK for Enterprise covers behavior against enterprise IT networks and cloud. It includes the following tactics and corresponding techniques that real-world adversaries use today.

Learn more about ATT&CK
  • Reconnaissance
  • Resource Development
  • Initial Access
  • Execution
  • Persistence
  • Privilege Escalation
  • Defense Evasion
  • Credential Access
  • Discovery
  • Lateral Movement
  • Collection
  • Command and Control
  • Exfiltration
  • Impact

Pentesting Research and Tools

Learn about penetration testing on our blog, our open source penetration testing toolsets for the infosec community, and our SQL injection wiki.