Adversary Emulation: How I Stopped Being Polite and Got Real Results

Adversary emulation is a go-to testing approach. By acting like real adversaries, red teams can provide effective testing for threats detection. But there's a problem—this isn't happening in practice. Using data from real intrusions, this talk will show how differently testers and real adversaries behave, with examples of different techniques, procedures, and tools used by testers and adversaries.