by RedEye, a red team analysis tool jointly developed by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Department of Energy’s Pacific Northwest National Laboratory (CNNL), was open sourced through GitHub last week. RedEye is an interactive analytics tool that visualizes and reports red team command and control activities, allowing operators to quickly access complex data, evaluate mitigation strategies, and ultimately facilitate effective decision-making. It analyzes various logs, such as those from Cobalt Strike, and presents them in an easy-to-understand format; allowing users to annotate specific activities.
