Hero

Adversary Simulation

Leveraging decades of experience across technology verticals and fields, we are able to simulate adversarial scenarios using Tactics, Techniques, and Procedures (TTP) that are highly customised to your industry and technology landscape being mindful of your organisational risk appetite as we assess the maturity of your defensive capabilities across people, process and technology.

coverage

Aligning with Industry Standards

Our testing methodology stays true to real world scenarios by referencing MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs) and MITRE Common Weaknesses and Exposure (CWE) and leveraging latest threat intelligence and industry newsfeed from our in-house developed Talkback tool.

Coverage across your estate

On-Premise Environment
On-Premise Environment
Cloud Environment
Cloud Environment
Hybrid Environment
Hybrid Environment
Serverless Environment
Serverless Environment
Active Directory
Active Directory
CI/CD Pipelines
CI/CD Pipelines
End-Point Devices
End-Point Devices
Critical Infrastructure
Critical Infrastructure
Operational Technology
Operational Technology






approach

Modern testing approaches to meet evolving threats

With infrastructure threats constantly evolving, organisations face many challenges for keeping their users and infrastructure secure. We provide pragmatic adversary simulation services to help our customers secure their environments from likely threats.

From our experience, conducting adversary simulations is beneficial to bolster security controls and improve the awareness and processes for incident response teams.

Our methodologies and guides are based on the MITRE ATT&CK framework, where we workshop with our customers the threat scenarios and considerations before starting.

We take a systematic and measured approach to effectively simulate likely threat scenarios leveraging relevant Tactics Techniques and Procedures to assess the effectiveness of security controls and provide appropriate tailored guidance.

Outcomes

Deliverables

Our customers perform adversary simulation exercises to identify gaps for improvements in their blue team capabilities. Our red / purple team exercises will deliver top-tier quality and best value for your spend.

Decades of experience and thousands of security tests later, we are familiar with common security gaps and the latest security vulnerabilities common across industries and collaborate to create the most suitable simulation exercises for your context. We are conscious of the sensitivity of specific environment types and can exercise extra precaution and support in simulating realistic phased approaches.

Icon Tailored simulation exercises informed by collaborative threat modelling
Icon On-going and timely professional communication
Icon Technical documentation of tests conducted
Icon Detailed technical description of contextualise security vulnerabilities with steps to reproduce
Icon Explanation of defensive gap and associated business risk
Icon Executive presentation of attack scenario
case study

A case study of our adversary simulation capabilities

Logo Logo

Cyber training program for the Australian Defence Force (ADF)

elttam worked with selected Australian security companies to deliver a fully online, collective cyber training program for the Australian Defence Force (ADF). The program featured a highly realistic virtual environment with simulated exercises, and trainees were grouped into virtual teams to remediate vulnerabilities and respond to simulated and real threat actors. The online training program was delivered remotely to Navy, Army and Air Force personnel across Australia.


As part of the program, elttam played the role of cyber threat actors for the ADF trainees that used Tactics Techniques (TTPs) and Procedures of real-world attackers.


Read More