This new major version (v2024.05) of M&NTIS Platform integrates the following new features:

• Real-time execution of attack scenarios and visualization of associated information (timeline of attack stages, attacker’s path on the targeted system, offensive commands executed, etc.). This capacity makes it possible to challenge the defense against realistic attack campaigns, in order to test the SOC procedures and tools during the detection, qualification and investigation phases.

• Real-time execution of unitary attacks. This functionality makes it possible, on the one hand, to evaluate the level of detection coverage with regard to the MITRE ATT&CK catalog and, on the other hand, to facilitate the development of signatures in the face of new threats.

• Enrichment of the datasets made available (PCAP, logs and attack metadata). These datasets, which correspond to traces captured during the execution of attack scenarios, can then be replayed in a reproducible manner against detection products working on network flows (network probes, NDR) and logs (SIEM, XDR).

To date, M&NTIS Platform provides the following catalogs:

• 75 unit attack techniques, referenced according to the MITRE ATT&CK matrix.
• 5 complete and realistic attack scenarios (killchains).
• 90 datasets, containing system and network traces of attacks already played.

If you need to assess effectiveness of your SOC/CERT activities, or if you want to test defensive products, please contact us: contact.mantis@amossys.fr