YASCON WORKSHOP

Introduction to Adversary Emulation with Prelude Operator

  • Date

    27 November 2021

  • Time (IST)

    10:30AM ~ 12:30PM

The modern cybersecurity landscape is an escalating arms race between attackers and defenders: attackers are constantly researching and building new techniques and tools while defenders try to identify, detect, and respond to them. Using automation tools that emulate attacker methodologies, defenders can perform simple, repeatable attacks to drive their detection engineering efforts and security validation tasks, and ultimately improve processes.

This entry-level class will take students through the basics of setting up and using Operator to perform basic adversary emulation tasks and investigate how that can be used to create a continuous defensive evaluation process.

Core Topics/Course Content:

  • Basics of offensive infrastructure and command and control (C2) tools
  • Basics of threat modeling and parsing Cyber Threat Intelligence (CTI)
  • How to use Operator to construct and launch basic adversaries
  • Basics of planning cyber exercises (Plan, Brief, Execute, Debrief - PBED cycle)
  • How to build a continuous defensive evaluation/improvement process

Pre-requisites:

  • Computer/Laptop (Windows, Linux, macOS)
  • Basic knowledge of using a shell environment (PowerShell, Bash, etc.)

Requirements:

  • Computer/Laptop (Windows, Linux, macOS) - need Administrator privileges
  • Recommend Ubuntu 20.04/Kali 2021+, Windows 10+, macOS 11.6+
  • [Optional]: AWS free tier account (provisioning redirectors and test servers)

  • Speaker

    David Hunt

    David Hunt is the CTO of Prelude. David specializes in building teams which bridge cybersecurity with best-practice technology. Before coming to Prelude, David spent two years at MITRE Corporation in a dual-role as head developer and project lead for the CALDERA adversary emulation framework.

    Stephan Wampouille

    Cybersecurity Engineering Intern at Prelude.