Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.
Training Camp • Cybersecurity Glossary
Adversary emulation replicates a known threat actor's TTPs, mapped to MITRE ATTACK, to test detection and response beyond generic penetration testing.
Adversary Emulation Definition: Adversary emulation replicates a known threat actor's TTPs, mapped to MITRE ATTACK, to test detection and response beyond generic penetration testing.
Adversary emulation is the practice of replicating the specific tactics, techniques, and procedures (TTPs) of a known, real-world threat actor to test how well an environment's defenses detect and respond to that adversary. Unlike generic penetration testing, it is intelligence-driven and scenario-based, often mapping each emulated behavior to frameworks such as MITRE ATTACK. Tools like MITRE Caldera and Atomic Red Team are commonly used to execute and automate emulation plans.
Turn knowledge into credentials with our instructor-led cybersecurity boot camps.
View All Courses →