7MS #305: Evaluating Endpoint Protection Solutions - Part 2
7 Minute Security show

Summary: Today is part two of evaluating endpoint solutions, where I primarily focus on Caldera (https://github.com/mitre/caldera), an adversary simulation system that's really awesome! You can essentially set up a virtual attacker and cut it loose on some test machines, which is what I did as part of an endpoint protection evaluation project.

The simulated attacks are drawn from the Adversarial Tactics, Techniques & Common Knowledge (ATT&CK) project (https://attack.mitre.org/). So the big question is... did any of these endpoint solutions catch some of the simulated ATT&CKs? Check out today's podcast to find out!

Oh, and I wrote up my quick install guide for Caldera here: http://bpatty.rocks/#!blue_team/caldera.md