Publication Type: Journal Article
Source: Information & Security: An International Journal, Volume 53, Issue 2, p.273-286 (2022)
, cybersecurity training
, red teaming
The complexity of protecting interconnected IT systems grows with the development of new products and applications. Consequently, the capability of Security Operation Centre personnel to keep abreast of new threats is of utmost importance to ensure the security posture of all organisations. In that regard, hands-on exercises on a cyber range reproducing realistic situations can boost the ability of personnel to react appropriately and adequately to intrusion in a production context. Such exercises are known to improve situation awareness. However, the design and delivery of such trainings impose a heavy workload on cyber experts. Relying on an automation system for the execution of attacks considerably lightens the duties of experts and frees some of their time for less repetitive tasks. This article introduces an orchestrator dedicated to red teaming.