Imaginary tactics and techniques

Fictitious tactics and techniques

Made up tactics and techniques

Real-World tactics and techniques

Use use imaginative made-up tactics from imaginary adversaries.

Performs tasks that emulate real-world adversary attacks.

Monitor for real-word simulated attacks.

Perform pen testing of the target system.

True Negatives

False Negatives

True Positives

False Positives

Pretends to be a real life SOC team to catch fictitious attacks.

Acts as a real-life adversary using TTPs for attack.

Assists the red team in monitoring their pen testing

Evaluates and improves the organization's detection capabilities

Reducing false alarms

Keeping the signal to noise ratio down

Detecting false alarms

maximizing alert frequency

precision

signature based detective

recall

allow list