The complexity of protecting interconnected IT systems grows with the development of new products and applications. Consequently, the capability of Security Operation Centre personnel to keep abreast of new threats is of utmost importance to ensure the security posture of all organisations. In that regard, hands-on exercises on a cyber range reproducing realistic situations can boost the ability of personnel to react appropriately and adequately to intrusion in a production context. Such exercises are known to improve situation awareness. However, the design and delivery of such trainings impose a heavy workload on cyber experts. Relying on an automation system for the execution of attacks considerably lightens the duties of experts and frees some of their time for less repetitive tasks. This article introduces an orchestrator dedicated to red teaming.
BT - Information & Security: An International Journal DO - https://doi.org/10.11610/isij.5318 IS - 2 LA - eng N2 -The complexity of protecting interconnected IT systems grows with the development of new products and applications. Consequently, the capability of Security Operation Centre personnel to keep abreast of new threats is of utmost importance to ensure the security posture of all organisations. In that regard, hands-on exercises on a cyber range reproducing realistic situations can boost the ability of personnel to react appropriately and adequately to intrusion in a production context. Such exercises are known to improve situation awareness. However, the design and delivery of such trainings impose a heavy workload on cyber experts. Relying on an automation system for the execution of attacks considerably lightens the duties of experts and frees some of their time for less repetitive tasks. This article introduces an orchestrator dedicated to red teaming.
PY - 2022 SE - 273 SP - 273 EP - 286 T2 - Information & Security: An International Journal TI - Cyber Red Teaming: Overview of Sly, an Orchestration Tool VL - 53 ER -