Realm: Open-source adversary emulation framework
2024-07-15 04:16

Realm is an open-source adversary emulation framework emphasizing scalability, reliability, and automation.

It's designed to handle engagements of any size.

"Realm is unique in its custom interpreter written in Rust. This allows us to write complex TTPs as code. With these actions as code, defenders can replay attack actions, and red teams can create repositories of their TTPs and processes for multiple engagements. Realm is also extremely scalable! Group actions are easy to create in our Web GUI, allowing you to get information from multiple hosts at once," a spokesperson for the project told Help Net Security.

Realm components: Agent, Server, Built-in interpreter.

Future plans and download

"For the future, we want to expand the ways you can contextualize information via our Web GUI. We want red teams to have the most visibility possible into how things are going during an engagement. We also want it to be easier for red teams to collaborate with defenders, allowing the defenders to learn from the engagement," the spokesperson concluded.


News URL

https://www.helpnetsecurity.com/2024/07/15/realm-open-source-adversary-emulation-framework/