Attack
| Ref |
Feature Name |
Description |
| C1 |
APT |
The tool permits emulating a known Advanced Persistent Threat's (APT) attack path
without manually configuring all the activities to simulate it |
| C2 |
Group of APTs |
The tool permits emulating multiple known Advanced Persistent Threats (APTs) at-
tack paths without manually configuring all the activities to simulate them |
| C3 |
Lateral Movement |
The tool permits performing simulations in which the number of compromised targets
increases by performing lateral movement from the initial breach point |
| C4 |
Multiple Targets |
The tool permits performing a simulation on multiple targets simultaneously |
| C5 |
Multi Objectives |
TThe activities span different categories of attacks, not only specific ones |
| C6 |
Pre-Compromise |
The tool permits the execution of activities belonging to the pre-compromise phase |
| C7 |
Reusable Information |
The tool can collect data obtained through one activity and reuse it in other activities
(e.g., passwords, usernames. . . ) |
| C8 |
System Detection |
The tool can automatically recognise if the activities are supported by the targets,
avoiding running incompatible activities |
| C9 |
Activities Filtering |
The tool allows filtering among possible activities to determine which ones to include
in the simulation |
| C10 |
Activities Combined Filtering |
The tool allows filtering among possible activities, combining different attributes, to
determine which ones to include in the simulation |
| C11 |
Target Filtering |
The tool allows filtering among possible targets to determine which ones to include in
the simulation |
| C12 |
Planners |
The tool permits the usage or creation of planners capable of deciding in which order
and how to execute the activities |
| C13 |
Prioritisation |
The tool permits running the activities chosen for the simulation in a prioritized order |
The features in this section aim to analyze the software's general attack capabilities. This list comprises
thirteen features; five of them (C9 to C13) are related to the attack “configuration”, meaning the
selection of targets, activities, and their order. In particular, the features Activity Filtering and
Activities Combined Filtering are the attributes used to verify if the tool permits the filtering of
activities based on the elements described in the Information and Filtering subsection.
Results >
< Organization