►
Description
What is Breach and Attack Simulation? Learn more about this new Single-Engineer Group's focus at GitLab!
A
Hey
y'all
welcome
to
the
breachnessac
simulation
weekly
updates,
so
my
name
is
Aaron
Kerry
I'm
a
new
face
around
here,
I
just
joined
gitlab
as
a
staff
engineer
on
the
incubation
team,
I'm
going
to
be
jumping
in
as
the
breach
and
attacking
licensing
legendary
group
I'm,
pretty
excited
so
without
further
Ado.
Let's
just
share
what
I'm
going
to
be
working
on
so
region
attack
simulation
if
you're
familiar
with
vulnerability
management,
you
already
may
have
an
idea
one
of
the
major
problems
in
a
vulnerability
management
tool
on
its
own.
A
So
when
you
get
a
vulnerability
management
tool,
you
may
end
up
with
a
report
with
hundreds
of
vulnerabilities
and
what
breach
and
tax
simulation
allows
you
to
do.
Is
it
takes
penetration
testing
to
the
next
level?
It
takes
hacker
techniques
that
a
penetration
tester
would
do
manually
on
your
network
and
give
you
a
report.
Vibration
attack
simulation
allows
you
to
do
is
on
top
of
your
existing
vulnerability
management
solution
or
on
top
of
tooling,
that
may
be
provided
through
gitlab
in
your
pipeline
breach.
A
Attack
simulation
is
going
to
give
the
ability
to
do
external
penetration
against
some
of
your
services
and
applications
that
you're
developing.
What
this
will
provide
provide
is
the
ability
for
you
to
see
which
vulnerabilities
you
can
prioritize
remediating,
because
those
are
going
to
be
low
hanging
fruits
for
attackers
and
attackers
are
always
going
to
use
the
low-hanging
fruits.
A
It's
a
really
common
thing
in
the
sort
of
a
fast
security
space
where
you're
able
to
go
ahead
and
use
a
lot
of
these
common
techniques
and
adding
a
breach
and
attack
simulation
capability
at
the
test
and
deploy
stage
of
the
pipeline
is
going
to
make
it
easier
for
teams
to
figure
out
what
these
low
hanging
fruit
may
look
like
for
an
attacker,
so
that,
because
this
is
my
first
move,
onboarding
there's
not
much
more
of
an
update.
A
A
You
can
then
go
from
that
gitlab.org
into
incubation
engineering.
The
breach
and
attack
simulation
under
this
meta
project.
In
here,
I've
got
an
issue
set
up.
This
is
similar
to
the
rest
of
the
incubation
engineering
team.
So
don't
get
too
much
into
it,
but
here
is
going
to
be
a
list
of
past
updates
where
I'll
go
through
and
add
recordings
for
each
update.
This
will
happen
weekly,
whether
it's
in
the
form
of
blog
posts
or
if
it's
in
some
other
forms,
such
as
video
update
like
this
on
gitlab
unfiltered.
A
You
could
share
the
ability
here
to
get
a
sense
of
where
the
project
is
going
over
time
and
I'll
be
making
updates
here,
if
I'm
linking
any
other
projects
or
issues
you'll,
see
all
the
links
in
here.
If
there's
anything
that
you'd
love
to
see
or
any
feedback,
you'd
love
to
give
around
the
direction,
breach
and
tax
simulation
I
would
love
for
you
to
provide
feedback
in
here.
A
I'm
super
happy
to
have
an
open
discussion
around
this
outside
of
that
gitlab,
unfiltered
I'm,
sure
you've
seen
us
on
YouTube
Hello
but
yeah
make
sure
to
just
like
and
subscribe
to
these
videos
if
you're,
finding
this
playlist,
useful
and
I
hope
to
hear
from
you
again.
Thank
you.
Bye.