New adversary tactics and techniques often emerge from research in the cybersecurity field. They are often accompanied by tools that are made public to raise awareness of a particular threat. Oftentimes, these tools are found and misused by threat actors to carry out real attacks.
Your task is to build a framework that identifies such resources, either from the public domain or by leveraging supplementary internal threat intelligence resources. Such a system will aid the security research team in building relevant threat simulation capabilities.
Additionally, the framework should notify the research team whenever new potential breach simulation sources and tools become available, so that new content is delivered to customers as fast as possible, before the attackers do any damage.
Threat Simulator is a Breach and Attack Simulation (BAS) solution with a wide range of tests and recommendations, including MITRE ATT&CK endpoint, user and network assessments. Threat Simulator enables you to empower your SecOps team by continuously assessing your network's readiness against the latest attacks and exploits.
What you will gain:
• pcap analysis / filtering
• Python development
• Automation
• Intro / understanding of malware sandboxes
• Working with containers