Atomic Red Team
    • 28 May 2024


    Atomic Red Team™ is a library of tests that every security team can execute to simulate adversarial activity and validate their defenses. Tests are focused, have few dependencies, align with the MITRE ATT&CK framework, and are defined in a structured format that can be used by automation frameworks. The library’s primary objective is to evaluate whether your monitoring solutions can generate telemetry that aids in identifying adversarial behavior.

    For a complete picture of the Atomic Red Team project family and its various offerings, visit the official website.

    Running the Tests

    The complete library of atomic tests is organized by ATT&CK technique and platform/OS, and can be found at the official website.

    Once you’ve selected a test to execute, you can run it either manually or through automation:

    • Manually: Copy and paste the provided commands directly into your terminal.

    • Automated: Utilize an Execution Framework for streamlined testing. A popular option is Invoke-AtomicRedTeam, and you can learn more about this in the “Getting Started with Atomic Red Team” webcast recording.

    Learn More

    Dive deeper with the comprehensive Atomic Red Team documentation wiki.

    • Videos: Explore curated YouTube playlists covering various topics, from getting started to adversary emulation examples.

    • Webinars: Access on-demand webinars for in-depth exploration of specific Atomic Red Team themes.

    Stay Connected

    • Newsletter: Subscribe to stay informed about the latest Atomic Red Team features.

    • Slack Channel: Join the dedicated Slack community to connect and collaborate with other Atomic Red Team users.

