How it Works: NetSPI’s AttackSim Technology

NetSPI’s MITRE ATT&CK simulation is a tech-enabled service powered by a sophisticated breach and attack simulation platform. The platform is comprised of pre-built plays that align directly with TTPs seen in real-world attack scenarios, including combinations of ransomware and MITRE ATT&CK playbooks.

NetSPI enables you to leverage the web application to deliver and orchestrate the plays in your environment, in collaboration with our expert security consultants. You’ll leave the assessment with a baseline understanding of your detective controls and access to the attack simulation platform to help you refine detections and address gaps after the engagement is over.

MITRE ATT&CK

What’s Included in MITRE ATT&CK for Enterprises?

MITRE ATT&CK is a knowledge base of adversary behavior and classification for adversarial actions across their lifecycle. ATT&CK for Enterprise covers behavior against enterprise IT networks and cloud. It includes the following tactics and corresponding techniques that real-world adversaries use today.

Learn more about ATT&CK
  • Reconnaissance
  • Resource Development
  • Initial Access
  • Execution
  • Persistence
  • Privilege Escalation
  • Defense Evasion
  • Credential Access
  • Discovery
  • Lateral Movement
  • Collection
  • Command and Control
  • Exfiltration
  • Impact

Pentesting Research and Tools

Learn about penetration testing on our blog, our open source penetration testing toolsets for the infosec community, and our SQL injection wiki.