
An Evaluation of the Cobalt Strike Framework for Red Team Engagements

File Size Format
ssym-spring2022-0003.pdf 951.61 kB Adobe PDF

Item Summary

Title: An Evaluation of the Cobalt Strike Framework for Red Team Engagements
Authors: Hendricks, Christopher P.
Date Issued: Mar 2022
Publisher: University of Hawaiʻi — West Oʻahu
Abstract: Following the increase in the sophistication and frequency of cyber-attacks in recent years, the demand for skilled cybersecurity experts has also continued to grow year-over-year. Despite an industry-wide awareness of the cybersecurity skills shortage, few organizations have developed long-term plans to address the persistent gap in hiring and retaining qualified personnel. In a global survey conducted by the Information Systems Security Association (ISSA) last year, 489 cybersecurity professionals were asked what actions an organization could take to address the ongoing skills shortage. The biggest response (39%) received was an increase in cybersecurity training so that candidates can be properly trained for their roles (ISSA, 2021). More specifically, the study indicates how cybersecurity professionals widely value hands-on experience and mentoring for skills development, with a majority stating this experience is even more important than the achievement of industry certifications. When combined with technical training courses, Red Team adversary emulation and attack simulations can help bridge this gap by providing the hands-on experience that cybersecurity professionals necessitate. This is achieved by essentially teaching defenders how to respond to threats as they would appear in real life and how to react to different, unpredictable situations in a collective and collaborative way. Furthermore, Red Team engagements can help mitigate the risks to an enterprise by challenging the assumptions made by defenders and identifying areas for improving an organization’s operational defense. The purpose of this study was to investigate how Cyber Red Teams use adversary emulation frameworks – focusing primarily on post exploitation, lateral movement, and maintaining persistence – to challenge the detection and response capabilities of an organization.
In particular, we will evaluate the efficacy of the popular Cobalt Strike framework in simulating the threats posed by Advanced Persistent Threat (APT) actors in a secure training environment and how it can be used to promote a proactive approach to enterprise network security.
Description: A student presentation to the Spring 2022 Student Research and Creative Works Symposium
Pages/Duration: 1 page
Rights: Attribution-NonCommercial-NoDerivs 3.0 United States
Appears in Collections: Student Research Symposium


This item is licensed under a Creative Commons License.