Fortinet white logo
Fortinet white logo

Administration Guide

MITRE ATT&CK®

MITRE ATT&CK®

You can use ATT&CK to simulate the post compromise behavior of a cyber adversary on an enterprise network.

FortiTester simulates the actions that a real adversary would do on the clients' systems. It features a Remote Access Tool (RAT) that performs adversary actions on infected hosts and copies itself over the whole network to increase its foothold. In order to emulate the adversary as realistic as possible, FortiTester uses Windows domain elements including users, shares and credentials, which are most commonly seen on the clients' system. It provides a library of executable techniques curated from ATT&CK, including favorites such as running Mimikatz to dump credentials and remote execution with WMI.

As a fully automated tool, defenders can use this feature to verify whether their defenses are working appropriately and as a resource to test defensive tools and analytics.

Training video

https://video.fortinet.com/products/fortitester/4.0

MITRE ATT&CK®

MITRE ATT&CK®

You can use ATT&CK to simulate the post compromise behavior of a cyber adversary on an enterprise network.

FortiTester simulates the actions that a real adversary would do on the clients' systems. It features a Remote Access Tool (RAT) that performs adversary actions on infected hosts and copies itself over the whole network to increase its foothold. In order to emulate the adversary as realistic as possible, FortiTester uses Windows domain elements including users, shares and credentials, which are most commonly seen on the clients' system. It provides a library of executable techniques curated from ATT&CK, including favorites such as running Mimikatz to dump credentials and remote execution with WMI.

As a fully automated tool, defenders can use this feature to verify whether their defenses are working appropriately and as a resource to test defensive tools and analytics.

Training video

https://video.fortinet.com/products/fortitester/4.0