Wisp Security is a service partner of RedMimicry
We are pleased to announce our partnership with RedMimicry. The Berlin-based platform helps us replay documented TTPs of real threat actors in a controlled and reproducible way.
The focus of the cooperation is alarm tests. Instead of looking for a single vulnerability, we check how well the detection and response chain works as a whole: which actions are logged, which trigger an alert, which actually lead to a response, and how fast. To do this we run selected attacker techniques in a planned sequence, vary how loud they are, and at the end compare what we triggered with what the defending side actually saw and worked on.
Alarm tests are aimed primarily at companies that already have working detection processes in place and want to confirm or improve their effectiveness empirically, without yet having to justify the effort of a full red team engagement. On request we add a follow-up pentest to the alarm test.
Afterwards you receive a complete timeline of the executed actions mapped to MITRE ATT&CK, a side-by-side view of generated and observed events, and concrete recommendations for telemetry, rule sets, and escalation paths. Because exercises on the RedMimicry platform are reproducible, follow-up runs can be compared directly against the baseline.
If you would like a solid check of your own detection and response capability, feel free to get in touch at info@wisp-security.eu.