By my probably incorrect accounting, this is the 365th edition of this newsletter. My thanks to the continued sponsorship of these newsletters by Endgame. You might be interested in this recent blog post about their efforts to help complement and improve MITRE’s ATT&CK framework through a new open source tool. The post discusses how offensive measures can help improve overall enterprise security by better understanding our adversaries. I have written recently about ATT&CK for CSOonline, first this explainer about the framework and a second piece reviewing various tools that are based on it, including Endgame’s Red Team Automation. You should read all of them if you want to get a head start in this area.
--David Strom, editor of Inside Security