ABOUT NPCC Careers Contact Us Governance & Corporate Membership Resources Leadership Team PROGRAM AREAS Standards & Criteria Compliance RAPA SAIS COMMITTEES DER Forum Gov/Reg Affairs Reliability Coordinating Regional Standards NEWS Search SIGN IN

Posted: 10/18/2022

CISA Releases RedEye: Red Team Campaign Visualization and Reporting Tool

CISA has released RedEye, an interactive open-source analytic tool to visualize and report Red Team command and control activities. RedEye allows an operator to quickly assess complex data, evaluate mitigation strategies, and enable effective decision making.

The RedEye open- source tool allows Red Team and Blue Team users to digest/ingest Cobalt Strike logs from a penetration test or Red Team engagement that uses Cobalt Strike, make them queryable, and present them in a graphical/timeline format. This allows for users to see relevant information about the campaign, campaign playback, explore key events and penetration paths in a campaign, allow for collaboration among users during and after the campaign, creation of presentations, and export of reports on a given campaign.

Link: CISA’s RedEye Tool Overview Video.

Link: CISA RedEye on GitHub

  Previous

Next  

  CATEGORIES


Compliance Bulletin Decisions & Notices ERO Enterprise Media Release NERC NPCC Regional Entities & Others Reliability Assessment Security Bulletin

  NEWS ARCHIVES


  Upcoming Events


  News Highlights


GridSecCon 2023 Registration is Open

June 12, 2023

NERC Issues Section 1600 Data Request for Internal Network Security Monitoring

May 25, 2023

Security Notice

This is a Northeast Power Coordinating Council, Inc. (NPCC) information system. You have no reasonable expectation of privacy regarding communications or data transiting or stored on NPCC’s information system. At any time and for any lawful purpose, NPCC may monitor, intercept, record, and search any communications or data transiting or stored on this information system. At NPCC’s sole discretion, NPCC may disclose pertinent information to the U.S. Government and its authorized representatives to protect the security of critical infrastructure and key resources, ensure information security, or to comply with any applicable law, regulation, legal process, or enforceable governmental request. By continuing, you acknowledge that you understand and consent to the terms and conditions described in this notice. The actual or attempted unauthorized access, use, or modification of this system is strictly prohibited and may subject violators to criminal, civil, and/or administrative action.