About The Course

Building Threat-Informed Emulation Plans is a 3.5 – 4 hour learning experience designed to put you in the driver’s seat of a purple teaming planning exercise. This is a project-based course in which the concepts and labs build upon each other as you protect and defend our fictional company Sable Bluff Labs. During the class, you will learn about the following topics with labs to reinforce learning:

  • Threat-Informed Defense: Introduction to the basic principles of a threat-informed defense.
  • Mission Analysis: Analyze what the company does, what is important to keeping the company running, and how those things could be exploited.
  • Threat Profiling: Threat profiling builds upon mission analysis by understanding who would exploit your companies’ vulnerabilities and how they would do it.
  • Emulation Planning: Emulation planning takes the work done in threat profiling and mission analysis and combines it into an actionable plan to test your enterprise against likely attacks from likely attackers.
  • Implementing Emulations in AttackIQ: Taking the plans created during emulation planning, you will learn how to implement emulations in a breach and attack simulation tool to better automate and report on emulation activities.
  • MITRE D3FEND: Take the output of your emulations and determine which preventive or detective measures can be put in place to better mitigate weaknesses discovered during testing.

You will have full access to AttackIQ Academy instructors to answer all your questions on emulation planning, breach and attack simulation, MITRE ATT&CK, and more. This is a truly unique, interactive experience that we cannot wait to share with you.