To begin, we suggest familiarizing yourself with the techniques included in the EDRmetry Matrix and executing them individually on TARGET_X using the Assume Breach approach. In practice, this means using the logins and passwords you already know for the testing environment, including root privileges.

In the next step, within the Initial Access section, you will find ways to gain access to TARGET_X by exploiting installed vulnerable applications and services. This step is very important because it lets you reproduce the behavior of systems and generate the needed relationships between processes and OS components.

From there, you will learn how to build complex Linux attack chains and use them to check how a given EDR/Runtime Security engine behaves and how many details of your offensive operations it is able to catch.

Sounds like fun, doesn't it? Let's move on.