Campaign Results

Accessing Campaign Details

After clicking on a specific campaign from the campaign list, users are taken to a detailed overview page.

Overview Page

  • Campaign Information: Displays creator, start and end times, and a brief description of the campaign.
  • Campaign Test Cases: Displays all campaign test cases along with their status in different SIEM and BlueTeam phases.
  • Campaign Actions: Options to start the campaign, go to launch, configure settings, and export results as a PDF.

Launch Results

  • Total Launch & Test Case Metrics: Users can view the total number of launches and test cases involved in the campaign.
  • Launch Details: Provides information on the most recent launch, including reporting IP, source, and destination details.

Test Case Analysis

Tactic Mode Overview

  • Tactic Mode: By selecting “Tactic Mode,” users can view test case results organized by their associated MITRE ATT&CK tactics.
  • Test Case Summaries: Summarizes the total number of test cases within each tactic, highlighting successes and failures.

Individual Test Case Details

When a user clicks on an individual test case, they are presented with a detailed analysis page.

Test Case Information

  • Severity: The level of threat the test case represents.
  • Tactic & Technique: The categorized tactic and specific technique used in the test case.
  • Detection Status: Shows whether the attack was detected and, if so, at which phase of the attack lifecycle.

Setting Analysis

Attack Phase Analysis

  • Set Analysis: Allows users to input their expert analysis on the attack phase of a test case.
  • Comments and Tags: Users can add comments and tags (like APT group names) to provide context and facilitate filtering or searching later.

Detection Phase Analysis

  • Detection Details: Users can provide details such as detection status, time, priority, and additional comments.
  • Tagging: As with the attack phase, users can tag the detection phase analysis for organizational purposes.

Best Practices for Analysis

Expert Analysis Tips

  • Comprehensive Notes: Ensure that all observations and findings during the simulation are thoroughly documented.
  • Consistent Tagging: Use consistent tags for easy identification and correlation of related test cases.

Analyzing Results

  • Periodic Reviews: Regularly review the campaign and test case results to identify patterns and areas for improvement.
  • Cross-Reference with Real-world Events: Compare simulation results with real-world breach reports to enhance the relevance of simulations.
