Meeting today's security challenges requires the Red Team and the Blue Team working together simultaneously - creating a Purple Team. Our CTO, Jorge Orchilles, has been leading the charge developing the standard for Purple Team program materials and trainings. Read more to engage, implement, and experience purple.

SCYTHE 3.1 is here and will be debuted at DEF CON Red Team Village on 8 AUG! With MITRE ATT&CK sub-techniques going live shortly after our major release of v3.0, we wanted to ensure that you are aligning to the latest and greatest framework in the cybersecurity industry across all of your SCYTHE Campaigns and Reports!

It's that time of the year again, Hacker Summer Camp! The SCYTHE team has a busy week scheduled as we love to give back to the community. We are giving talks, panels, workshops, releasing tools, and even have two Choose Your Own Adventure games for Red and Blue Teams. Here’s a quick guide to where you can find us virtually over the next few days during Black Hat USA and Def Con Safe Mode.

UniCon, our very own Unicorn Conference, is a free conference for security researchers, developers, red teamers, blue teamers, and purple teamers taking place on August 20! We will have two excellent keynotes from Olaf Hartong and John Strand, the release of the SCYTHE Marketplace with custom modules, introduction and AMA with our platform engineers to ask all the technical questions about C2 and synthetic malware, lighting talks with researchers and module developers, great talks, and a brand new CTF.

The SCYTHE team has been busy working on version 3.0, our latest release. This release brings major improvements, including support for in-memory third-party Python Modules built using the SCYTHE Software Development Kit (SDK), and will lead up to the launch of the SCYTHE Marketplace.

Kerberoasting is now available in the SCYTHE Marketplace. Kerberoasting a method to steal encrypted Kerberos tickets from valid service accounts in Active Directory to then crack them and obtain the clear text password of service accounts. Originally discovered by Tim Medin of Red Siege, Kerberoasting is a subtechnique of Stealing Kerberos Tickets and tracked in MITRE ATT&CK as T1558.003. In this post, Tim Medin explains how Kerberoasting works during Unicon and also releases a Kerberoast module in the SCYTHE Marketplace to enable SCYTHE operators to seamlessly Kerberoast from within SCYTHE.

Building security in the customer experience, not “compliance helmets” - Shawn Bowen, CISO with Restaurant Brands International, joins CISO Stressed Host Liz Wharton to discuss the value of experience-based learning, digital empathy, and the customer experience.

Welcome to another week of #ThreatThursday! This week’s Threat Thursday is going to be slightly different from the standard as we discuss the FIN6 Adversary Emulation plan released by MITRE Engenuity’s Center for Threat-Informed Defense. We will focus on the importance of machine-readable Cyber Threat Intelligence at the adversary behavior and TTP level, sharing adversary emulation plans, and YAML-to-JSON conversion