Connect with us

Tech

What is Adversary Simulation with Caldera?

Published

on

adversary simulation

In the first of these three use cases, Caldera seeks to test the detection capabilities of several tools of the same type (for example, multiple EDRs together). This approach allows users to compare and select the tool that best suits their needs, based on context, expectations, and Caldera’s detection capabilities. Additionally, evaluating the investigative possibilities among different tools is intriguing because it provides valuable insights into their effectiveness.

Today, attacks are increasingly complex and spread out over time. This is why experts are now talking about Advanced Persistent Threat (APT). In response, detection mechanisms have also evolved, with the advent of Endpoint Detection & Response (EDR) technologies, which aggregate and correlate single events to help detect weak attack signals. These EDRs, among other technologies, are generally operated within a Security Operation Center (SOC). So how do we ensure that these detection mechanisms are configured correctly, and how effective are they?

What is the role of adversary simulation?

Adversary Simulation, often referred to as Red Team Testing, is a cybersecurity technique that involves simulating real-world cyberattacks to assess an organization’s security posture. In practice, this comes in the form of servers and/or agents, which simulate attacks or exploits of vulnerabilities, in a more or less complex and procedural manner.

In order to categorize and reference attacks correctly, different security frameworks are used, such as the Cyber ​​Kill Chain or the MITER ATT&CK matrix. The Cyber ​​Kill Chain offers, for example, a list of 227 attack techniques divided into 14 tactics, and is widely used to simulate the stages of a complex attack.

What is Caldera?

The non-profit organization “ MITRE ” , which is at the origin of the “ ATT&CK ” framework mentioned above, has also developed an Open Source adversary simulation tool: Caldera, available on GitHub.

Its operation is rather simple. Only install it on a dedicated server, then deploy an agent that functions identically to a Beacon on client machines. The server can then act in a manner identical to a “ Command and Control ” (C2), by giving directives to the agents to carry out different attacks or data exploitations.

What makes this tool interesting is, beyond giving instructions to a live agent, that it allows you to develop or replay complete attack scenarios. In particular those carried out by APT groups or by companies having carried out an intrusion test operation on the IS.

Caldera natively offers a number of commands and tools. The latter, called “ Ability ”, allows for example to do enumeration, download payloads or malicious tools – such as “ Mimikatz ”, but above all to execute them. However, some of them are templates, and therefore require modification. Finally, it is also possible to create your own Ability based on “ in-house ” scripts , for greater flexibility. An interesting capability of Caldera is its ability to obfuscate, which enables it to hide malicious commands by interpreting them as base64, for example.

When and why to use it?

Caldera can test different detection tools and means, replay the different stages of an intrusion test or a security audit, or even prepare a SOC.

Tool Detection Capability Testing

In the first of these three use cases, Caldera seeks to test the detection capabilities of several tools of the same type (for example, multiple EDRs together). This approach allows users to compare and select the tool that best suits their needs, based on context, expectations, and Caldera’s detection capabilities. Additionally, evaluating the investigative possibilities among different tools is intriguing because it provides valuable insights into their effectiveness.

Scenario Reproduction for Attack Testing

For the second case, the idea is to faithfully reproduce the attack scenario used by the company that carried out the intrusion test. This action aims to verify that the scenario fails, once the auditors have effectively implemented the recommendations.

Integration with SOC for Enhanced Detection

Finally, the last use case is where Caldera receives a SOC. Indeed, the SOC collects data from all deployed security tools and adds a part of event correlation with a SIEM ( Security Information and Event Management ). This makes it possible to refine detections, based on all the data sources collected. The use of an adversary simulator can therefore contribute to the recipe of a SOC, and verify the effectiveness of its detections in the face of complex attack scenarios.

In a context where the concept of Purple Team is increasingly important, adversary simulation is undoubtedly the key element of its implementation, in order to guarantee continuous improvement of detection tools and IS configurations. It allows you to test all the processes put in place by the SOC to ensure that they work optimally. However, its use in no way replaces a real Red Team operation , it is only a complement to it. The combination of these two factors will contribute to a comprehensive and viable security strategy.

Conclusion:

In conclusion, Caldera presents a vital tool for modern cybersecurity, enabling organizations to proactively assess and enhance their defense mechanisms. By simulating attacks and exploits, Caldera empowers companies to validate detection solutions, recreate real-world scenarios, and bolster Security Operation Center readiness. Its flexibility and open-source nature make it a valuable asset in the ongoing battle against advanced cyber threats. Embracing adversary simulation tools like Caldera is essential for organizations striving to maintain resilience in the face of evolving security challenges.

FAQs

What is caldera in cyber security?

Caldera stands as a sophisticated cybersecurity framework meticulously crafted to seamlessly automate adversary emulation, bolster manual red-team efforts, and streamline incident response protocols. Leveraging the foundation of the MITRE ATT&CK™ framework, it remains a dynamic research endeavor led by MITRE, aimed at fortifying cyber defenses across diverse landscapes.

What is a Caldera server?

Caldera serves as a cutting-edge adversary emulation platform engineered to effortlessly conduct autonomous breach-and-attack simulation exercises. Flexibility is a hallmark, allowing for manual red-team engagements or automated incident response with equal ease and efficiency.

Read Also:

Understanding SSIS 816: A Data Marvel

Continue Reading

Tech

Exploring the Health Benefits of Air Fryers

Published

on

Tefal Actifry 2 in 1 Air Fryer YV960140

In many advertising brochures, the devices are promoted as a healthier alternative to traditional frying. Is it pure marketing or is this way of frying really healthier?  So lets discover the health benefits air fryers, from reducing unhealthy fats in fried foods to offering versatile cooking options with minimal oil.

Understanding the Mechanics And Health Benefits of Air Fryers

An air fryer is actually a small, mini convection oven. This works by circulating hot air through the oven. It’s actually a combination of a fan and a grill. Thanks to the smart construction of this oven, you can achieve almost the same result as with a fat-based fryer. The food ultimately contains 80% less fat, but still becomes crispy and brown.

Unveiling the Maillard Effect in Air Fryers

The brown and crispy structure is because sugars and proteins change under the influence of heat. Scents and flavors are then released that are impossible for many to resist. For example, think of freshly baked bread or a piece of tender meat. Coffee, chocolate, peanut butter and beer also owe their taste to the Maillard reaction. The effect was discovered in 1912 by the French physician and chemist Louis Camille Maillard.

Assessing the Risk of Acrylamide Formation

When food becomes too hot or heated for too long, the Maillard effect can take hold. Acrylamide can then be formed. The World Health Organization (WHO) calls the substance ‘possibly carcinogenic.  There are indeed studies that find a link between acrylamide and an increased risk of kidney, uterine and ovarian cancer. According to one study, air fryers produce 90% less acrylamide than traditional oil-based fryers.

Identifying Other Harmful Substances in Fried Foods

Other substances can also be formed in food during prolonged heating. The barbecue is especially notorious because substances such as aldehydes, heterocyclic amines and polycyclic aromatic hydrocarbons can be formed. The food then turns black and is actually charring. Fortunately, you can see this clearly with the naked eye. These substances are very unhealthy.

Examining the Impact on Glycemic Index

According to a study, the sugars in fries from the air fryer are less broken down than from the deep fryer, which means they score lower on the glycemic index. This means that blood sugar rises less quickly and less insulin needs to be produced.

Analyzing the Reduction in Fat Consumption

For frying with an air fryer you only need one or two spoons of oil at a time. This is much less than normal. The true advantage lies in the fact that you can now always use fresh oil of the best quality. When you use oil in a normal deep fryer, regularly replacing the fat is an expensive hobby. Actually, that should be the case, because fats oxidize quickly (especially vegetable oil). As an alternative, you can fry in heat-stable coconut oil, but this can also produce harmful substances after just a few fryings. That’s why I’m in favor of fresh oil.

Investigating the Effect of Oxidation

An Egyptian research institute took a closer look at the differences in deep frying and air frying. It soon became clear that the fats from the air fryer suffered less from oxidation than from frying. The peroxide value, an important oxidation marker, was much lower.

Debating the Overall Healthiness of Frying

Other scientists saw that the quality of the fatty acids present decreased when frying fish in the air fryer. That makes sense, because omega 3 and 6 fatty acids do not like heat. Cholesterol can also oxidize due to the heat. The researchers discovered that adding herbs such as parsley and chives significantly reduced cholesterol oxidation. Yet another reason to add spices to your meals while cooking!

Versatility of Air Fryers: Exploring Healthy Cooking Options

Although frying in the air fryer is healthier than frying, it just depends on what you prepare in it. If you still make flames, croquettes or cheese soufflés, you won’t get much out of it. Fortunately, the air fryer offers many other options. You can of course make homemade fries, but also roasted almonds, fried eggs, beet burgers, cakes, oatmeal apple cake, too many to mention. 

Addressing Concerns About Air Fryer Safety

Below par

According to the consumer association, half of the air fryers are not good. Some are even dangerous. There are air fryers that get so hot on the outside that burns are inevitable. The cheap types of vague brands are especially a risk.

Teflon

Unfortunately, almost all deep fryers have a thick layer of Teflon. Especially those from Philips. Teflon fumes can cause birds to die acutely, so this is certainly not healthy. So you have to look for an air fryer with a ceramic layer. They turned out to be happy!

The ceramic Multifry from DeLonghi and the actifry from Tefal are best. These also have many other advantages. You can make much more in it than in a normal air fryer.

Advanced Features in Modern Air Fryers

 The DeLonghi and Tefel have a scoop arm that allows vegetables to be stirred so that they are cooked evenly. You can also make a healthy oat-apple breakfast cake in it, for example. To see how your food is doing, with most air fryers you have to interrupt the process and open the device: the DeLonghi Multifry has a BPA-free viewing window, so you can see whether the food is ready to eat. This is why It is preferable. 

 Conclusion:

 Air fryers offer a promising solution for those seeking healthier cooking methods. By utilizing hot air circulation instead of oil immersion, air fryers can significantly reduce the amount of unhealthy fats in fried foods. Additionally, they provide a versatile cooking option, allowing for the preparation of various dishes with minimal oil, from homemade fries to baked goods. While concerns about certain health risks persist, proper usage and selection of high-quality air fryers can maximize their health benefits.

Read Also:

Robotic Pool Cleaners: how they work and their advantages

Continue Reading

Tech

Type Of Computer Mice: How To Make The Right Choice?

Published

on

types of computer mice

A mouse is an essential computer accessory that allows you to work with optimal comfort on a computer. There are several types of computer mice, including standard wired models suitable for everyone and more advanced models meeting specific needs. In today’s stores, you can find wireless mice, modular mice with additional buttons for gamers, multi-sensor mice or even USB mice for laptops. Faced with this multitude of choices, it becomes difficult to choose your computer mouse. This article reveals some tips for making the right choice.

What are the different types of computer mice depending on their connection method?

  • Wired mice: wired mice with a USB sensor available plug into the computer’s motherboard via a USB port. You can also connect a wired mouse via a PS2 serial port. This is the case with old mechanical wired mice which have a more or less high number of DPI or sensors.
  • Wireless infrared mice: unlike wired mice, they use the radio or available infrared waves to send signals to the computer. This type of non-wired mouse costs more than the classic models available. They have a better DPI or sensor.
  • Wireless Bluetooth mice: unlike wired mice, these non-wired mice sense the available support on which they are placed to create an interaction with the sensor screen. This type of mouse is easier to use and particularly reliable. They have a higher DPI or sensor.
  • Wireless Wifi mice: these non-wired mice do not work like wired mice, but like any wireless device. They send data to the available computer via WiFi signals or radio frequency (RF). Their DPI or sensor is also high.

What is a computer mouse?

In computing, the word “mouse” does not refer to rats or other types of rodents. It designates a control device with variable DPI, invented by the American engineer Douglas Carl Engelbart for computers (PC or laptop). It is held in the palm of the hand to navigate correctly on a computer screen. Depending on its DPI level, it is mainly used to point, select or click on elements displayed on the screen. It is available in several shapes, colors and sizes, including highly sophisticated models that offer great comfort of use on a computer.

How to choose a computer mouse?

  • Types of mouse available with or without buttons: mechanical which works with a ball as a sensor, optical which works via an LED light as a sensor, laser which works with a laser sensor.
  • Size: a mouse must correspond to the size of its user’s hand to offer optimal comfort of use with the buttons. The size of a mouse with or without buttons is usually indicated by exact measurements or S/M/L type indicators.
  • The type of connection available: wired or wired for more secure use in professional premises or wireless for optimal use at home or on the move, with or without buttons.
  • The available brand: certain brands of mice with available buttons are more appreciated for their reliability and durability, others for their aesthetics even without buttons and still others with or without available buttons for the notoriety of the manufacturer on the market.
  • The available price: certain mouse models with or without available buttons are more expensive than others.

How to connect mouse devices to a computer?

Connecting a Bluetooth mouse to a Windows computer

  • Activate your black non-wired Bluetooth or USB optical mouse.
  • Hold down the pairing button under the mouse until the light starts flashing.
  • A notification appears on the screen to indicate that the mouse is available. Choose “Connect” and wait while the computer completes the configuration.
  • If the notification is not available on the screen, go to the “Start” menu, then choose “Settings”. In “Devices”, select “Bluetooth and other devices”. Then, select “Add a Bluetooth or other device”, choose “Bluetooth”, then “Bluetooth Mouse”, and finally click “Done”.
  • The LED indicator on the mouse stops flashing once your optical mouse is paired with the sensor. It also remains available until you turn off your mouse with the ON/OFF buttons.

Connect a mouse to a wireless receiver

  • Plug in the receiver of your non-wired optical mouse: insert it into one of the USB ports on your computer.
  • Check if the batteries available in the mouse are inserted properly.
  • Turn on the USB optical mouse: using the buttons on the bottom of the mouse or with the On/Off switch on the side.
  • Press the pairing button: The pairing buttons are either between the two main buttons of the USB mouse or on the side.
  • Test the connection: if the cursor on the screen moves, the optical mouse is connected to the web sensor. Otherwise, turn your mouse off and turn it back on again.

Connect a Bluetooth Mouse to a Mac

  • Turn on the non-wired USB or Bluetooth mouse.
  • Click on the Apple menu icon: it is located at the top left of the screen for right-handed people.
  • Choose “System Preferences”: You’ll find this option at the top of the drop-down menu.
  • Choose “Bluetooth”: it’s the blue icon which is topped by a white Bluetooth symbol.
  • Click on “Activate Bluetooth”: this option is on the left of the window.
  • Press the available mouse pairing button.
  • The name of the available USB mouse is displayed on the screen. Click “Pair”.

FAQs

What are the two types of wireless mice?

There are 2 types of wireless mice :

  • Infrared mice: work using a small infrared receiver connected to the computer.
  • Bluetooth mice: also work using a small receiver to connect to the computer.

What is the difference between a mechanical mouse and optical mouse?

Unlike optical or laser mice that use sensors to track movement, a mechanical mouse relies on a small ball on its underside. When the mouse moves, its ball rotates, and the internal mechanisms convert this movement into movement of the cursor on the screen.

What are the 3 types of mice?

There are different types of mice :

  • Mechanical mouse: mouse that works with a ball. The ball transmits mouse movements to the computer. …
  • Optical mouse: mouse movements are analyzed by an LED.
  • Laser mouse: mouse movements are transmitted using a laser.

What is the best mouse for gaming?

The Logitech G502 is the best value for money wireless gaming mouse. Impossible to ignore the Logitech G502. The Swiss manufacturer is refining its range of gaming mice with a wireless model equipped with Lightspeed technology.

Read Also:

What is Adversary Simulation with Caldera?

Continue Reading

Tech

09 Best Free AI Tools for Business

Published

on

Best Free AI Tools for Business

By 2024, approximately 55% of businesses report using AI in some form, and this figure will only increase as business-facing AI tools grow and become more powerful. Commercial AI may be a foreign concept to you. But these 09 best free ai tools for business cover a wide range of AI applications in business,  each offering something that can help you save time or money.

Read on to explore the 09 best free AI tools for business and find the one that best suits your needs!

09 Best Free AI Tools for Business

ChatGPT

ChatGPT is the most powerful AI writing tool, and it is certainly the most popular AI tool at the moment. This is justified by exceptional writing output, with copies written at near-college levels.

Of course, the content generated is not always accurate. The tool has a habit of citing sources that don’t exist and hallucinating information that must be verified manually, and it works on datasets dating from 2021. But in terms of structuring content and proposing ideas, there is no better one.

Prices

  • Free Tier – $0 per month
  • ChatGPT Plus – $20 per month

Features

  • High-level and professional writing tool
  • Supports multiple languages
  • Great for coding tips

Cons

  • Working from a 2021 dataset
  • Poor or no citations
  • Sometimes refuses to generate content

Midjourney 

Best AI Tools for Business

Write a description. Generate an image. This is Midjourney ‘s modus operandi and he does a great job creating images that can mimic certain styles. It’s a great tool for populating websites with unique images, although it’s not perfect.

Like many AI image generators, it has a tendency to mutilate hands, but that’s getting better. And if the generator doesn’t understand your prompts, you won’t even come close to the image you were trying to create.

Prices

  • Basic plan – $10 per month
  • Standard Plan – $30 per month
  • Pro Plan – $60 per month
  • Mega Plan – $120 per month

Features

  • Generates exceptionally realistic images
  • Four images per prompt
  • Every image looks professional

Cons

  • May struggle with more complex prompts
  • Often spoils human hands

Jasper 

Best Free AI Tools for Business

With four brand voice options, including the weird (but fun) pirate voice, Jasper does a great job writing in the tone your business needs. Its output is also solid, always sounding natural.

The tool is also fast, as Jasper positions itself as one of the best AI productivity tools for the sheer speed of its writing. Unfortunately, the lack of built-in fact-checking means you’ll need a copy editor to ensure everything it generates is accurate.

Prices

  • Creator Tier – $49 per month
  • Teams Level – $125 per month
  • Business level – Variable pricing

Features

  • Multiple branded voice options
  • Generates a natural copy very quickly
  • Great for brainstorming ideas

Cons

  • Does not do any fact-checking
  • May struggle with niche topics
  • Modification almost always required

Descript 

Best AI Tools for Business

Combine video editing, podcasting tools, and AI-generated (and editable) transcripts and you get Descript . Its editing tools, including simple multi-track audio editing and instant screen capture, are perfect for shooting videos. But its most notable feature is the tool that brought it to gaming: AI-generated transcripts.

Prices

  • Free Tier – $0 per month
  • Creator Tier – $12 per month
  • Pro Level – $24 per month
  • Enterprise Level – Variable Pricing

Features

  • Great audio transcription tools
  • Simple document-based video editing
  • Integrated video hosting

Cons

  • Confusing user interface
  • Difficulties with non-native English speakers when transcribing

Grammarly 

Best AI Tools for Business

In addition to offering one of the best free AI tools for basic grammar and spell checking, Grammarly offers a “Premium” tier that takes copy editing to a new level. He always checks spelling and grammar.

But it also checks your writing against the tone and audience you hope to reach, offering sentence restructuring suggestions so you create polished copy that’s free of common errors.

Prices

  • Premium Annual Plan – $144
  • Monthly Premium – $25 per user
  • Business – Variable pricing

Features

  • Great for checking basic spelling and grammar issues
  • Suggests sentence rewrites for awkward passages
  • Adapt suggestions based on tone and audience
  • Supports US, UK, Canadian and Australian English

Cons

  • Tends to get stuck making the same word replacement suggestions
  • Only supports English
  • Occasionally makes incorrect suggestions

Notion AI 

Best AI Tools for Business

While it offers solid performance as a content generation tool, Notion AI really stands out when it comes to your meeting notes. It can analyze notes taken during a meeting, suggesting action steps you can implement within your company based on the content presented.

Its strength lies in simplification, making it perfect for creating summaries and simplifying complex writing.

Prices

  • Free Tier – $0 per month
  • Plus Tier – $10 per month
  • Business Level – $18 per month
  • Enterprise Level – Variable Pricing

Features

  • Uses AI to summarize meeting notes and generate key takeaways and next steps.
  • Practical content editing and simplification tools
  • Can write an entire blog post
  • Useful translation in over 13 major languages

Cons

  • Has a steep learning curve
  • Only has content-related commercial AI tools

AgentGPT 

Best AI Tools for Business

Would you like to set up your own AI agent without needing to code? AgentGPT is the tool for you because it allows you to create AI agents based on your business needs using text prompts rather than complex programming.

The generated agents run from the GPT framework and do a great job of crawling the web for information based on your prompts.

Prices

  • Free Tier – $0 per month
  • Pro Level – $40 per month
  • Enterprise Level – Variable Pricing

Features

  • Create AI agents without any coding experience
  • Generated agents follow the specific instructions you create
  • With the “Pro” level, you can have up to 30 agents per day.

Cons

  • Agents are tied to the GPT framework – which is not ideal if you don’t like GPT
  • Customization so-so

Fireflies.ai 

Let’s say you just got off an hour-long recorded call. You don’t want to analyze that audio to get the best bits – it takes too long. Enter Fireflies.ai. The tool transcribes and summarizes your voice calls while also giving you the ability to search for the most relevant information.

Prices

  • Free Tier – $0 per month
  • Pro Level – $10 per month
  • Business Tier – $19 per month
  • Business – Variable pricing

Features

  • Utilizes AI to transcribe and summarize business calls.
  • Convenient search functions to find the most important parts of your calls
  • Integrates with your Zoom calendar

Cons

  • Transcription accuracy could be better
  • Does not support video recordings

SaneBox

 

The biggest challenge in business email is simple: clutter. You receive so many emails that are completely useless beyond cluttering up your inbox. This ai tool provides a solution by sorting emails before they arrive, ensuring you only see what you need to see.

It does this by creating several folders where it sends your less important messages so that your inbox is free for business emails.

Prices

  • Snack Level – $7 per month
  • Lunch level – $12 per month
  • Dinner Tier – $36 per month
  • Aperitif Level – $0.07 per day

Features

  • Automated creation and sorting of email folders
  • Integrates with most major email clients
  • You train the algorithm by dragging and dropping emails into folders as you go.

Cons

  • Training can go wrong and cause you to miss important emails
  • Tends to keep resending emails if recipient doesn’t respond

FAQs 

What are the best free ai tools for business?

Most of the tools on this list offer a free tier, which at least gives you the chance to experiment with the tool even if some features are limited. The free tier of HIX.AI is quite generous, giving you 3,000 words of GPT 3.5-generated content each month.

How can AI help businesses?

AI software tools can help your business in many ways. In this list alone, there are at least three tools that can assist you in generating and editing written content. Images aren’t a problem either, thanks to tools like Midjourney, and you’ll also find plenty of AI productivity tools that help sort your inbox or transcribe meeting notes.

What is the best AI tool?

The best artificial intelligence software options depend on your business needs. Some popular options include IBM Watson, Google Cloud AI Platform, Microsoft Azure AI, and Amazon Web Services .

What is the most efficient AI?

Midjourney has established itself as the best text-to-image (generative AI of images from text) with rendering quality that has long been unmatched.

Read Also:

Continue Reading

Trending

Copyright © 22023 NY Blueprint. Developed By Imran Javed Awan.

123456789