An Evaluation of the Cobalt Strike Framework for Red Team Engagements

dc.contributor.author Hendricks, Christopher P.
dc.date.accessioned 2022-10-24T17:47:54Z
dc.date.available 2022-10-24T17:47:54Z
dc.date.issued 2022-11
dc.description A student presentation to the Fall 2022 Student Research and Creative Works Symposium
dc.description.abstract Following the increase in the sophistication and frequency of cyber-attacks in recent years, the demand for skilled cybersecurity experts has also continued to grow year-over-year. Despite an industry-wide awareness of the cybersecurity skills shortage, few organizations have developed long-term plans to address the persistent gap in hiring and retaining qualified personnel. In a global survey conducted by the Information Systems Security Association (ISSA) last year, 489 cybersecurity professionals were asked what actions an organization could take to address the ongoing skills shortage. The biggest response (39%) received was an increase in cybersecurity training so that candidates can be properly trained for their roles (ISSA, 2021). More specifically, the study indicates how cybersecurity professionals widely value hands-on experience and mentoring for skills development, with a majority stating this experience is even more important than the achievement of industry certifications. When combined with technical training courses, Red Team adversary emulation and attack simulations can help bridge this gap by providing the hands-on experience that cybersecurity professionals necessitate. This is achieved by essentially teaching defenders how to respond to threats as they would appear in real life and how to react to different, unpredictable situations in a collective and collaborative way. Furthermore, Red Team engagements can help mitigate the risks to an enterprise by challenging the assumptions made by defenders and identifying areas for improving an organization’s operational defense. The purpose of this study was to investigate how Cyber Red Teams use adversary emulation frameworks – focusing primarily on post exploitation, lateral movement, and maintaining persistence – to challenge the detection and response capabilities of an organization.
In particular, we will evaluate the efficacy of the popular Cobalt Strike framework in simulating the threats posed by Advanced Persistent Threat (APT) actors in a secure training environment and how it can be used to promote a proactive approach to enterprise network security.
dc.format.extent 1 page
dc.identifier.uri http://hdl.handle.net/10790/7138
dc.language.iso English
dc.publisher University of Hawaiʻi — West Oʻahu
dc.rights Attribution-NonCommercial-NoDerivs 3.0 United States
dc.rights.uri http://creativecommons.org/licenses/by-nc-nd/3.0/us/
dc.title An Evaluation of the Cobalt Strike Framework for Red Team Engagements
dc.type Presentation
dc.type.dcmi text
Files
Original bundle
Name: ssym-fall2022-0003.pdf
Size: 951.61 KB
Format: Adobe Portable Document Format