Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.

Global Accelerated Learning • Est. 1999
Glossary Term Adversary Emulation

Training Camp • Cybersecurity Glossary

What is Adversary Emulation?

Adversary emulation replicates a known threat actor's TTPs, mapped to MITRE ATTACK, to test detection and response beyond generic penetration testing.

Glossary > Security Operations > Adversary Emulation

Understanding Adversary Emulation

Adversary emulation is the practice of replicating the specific tactics, techniques, and procedures (TTPs) of a known, real-world threat actor to test how well an environment's defenses detect and respond to that adversary. Unlike generic penetration testing, it is intelligence-driven and scenario-based, often mapping each emulated behavior to frameworks such as MITRE ATTACK. Tools like MITRE Caldera and Atomic Red Team are commonly used to execute and automate emulation plans.

Learn More About Adversary Emulation:

Ready to Get Certified?

Turn knowledge into credentials with our instructor-led cybersecurity boot camps.

View All Courses →