
3 posts tagged with "red-team"


Welcome to the Red Team Guide Blog

· One min read
Joe Vest
Red Team Operator & Author
James Tubberville
Red Team Operator & Author

Welcome to the Red Team Guide blog.

This is a new space for us to share red team tradecraft, tool releases, operational insights, and lessons learned from the field. While our guides cover foundational concepts and structured methodologies, this blog will be where we share timely updates, deep dives, and practical tips.

Threat Gets A Vote: Applying a Threat-Based Approach to Security Testing

· 16 min read
Joe Vest
Red Team Operator & Author

Designing, deploying, and managing a comprehensive security program is not an easy task. An organization's security design is influenced and pressured by multiple, often competing, sources: customers, compliance, management, peers, budget, public opinion, and news. This process is complex and challenging, but an organization is generally able to overcome the pressures and implement what is considered to be a robust security program. It is able to please the various parties and, at least on paper, describe a strong security program designed to stop malicious cyber-attacks. Audit and compliance checks pass with a green light. Robust patch management systems are deployed. Vulnerability assessments and penetration tests are conducted. In general, the organization has good security hygiene. These are all great steps in defending a network from attack, but unfortunately they often fall short of the primary goal of preventing, detecting, and responding to real threats. Why? What is missing? The real question to consider is: