Often identifies the team or the metric being tested. Teams like eSentire's TTR unit focus on rapid detection and remediation of active threats like Matanbuchus or Ransomware.
Develop detection rules (e.g., YARA or Sigma) to prevent similar "vicious" attacks in the future. From Shathak Emails to the Conti Ransomware - Cybereason TTR - TheDenOfTheVicious.zip
Quarantined binaries (often renamed or password-protected) used by the "vicious" actor in the simulation. Often identifies the team or the metric being tested
Determine the Time to Ransom (TTR) —the duration from initial breach to final encryption. TTR - TheDenOfTheVicious.zip