An Expanded Graphical User Interface for Web-Based Cyber Automated Red Teaming Tool (CARTT)
Abstract
The Department of Defense's (DOD) Cyber Red Teams are often a group of ethical hackers and offensive-trained security professionals who must continuously stay ahead of cybercriminals' known tactics, techniques, and procedures. The Cyber Red Team certification and accreditation life cycle requires ongoing funding and time, while the United States' near-peer state actors and non-state actors are continuously trying to breach its cybersecurity defenses. The information technology infrastructure must be continuously assessed for vulnerabilities; failing to do so will impact United States national security. These assessments require time and qualified security personnel, both of which are in short supply. The Cyber Automated Red Team Tool (CARTT) was previously developed at NPS to address personnel, time, and cost-related shortages in Cyber Red Teams. This research extends CARTT's capabilities by implementing a web-based front-end graphical user interface (GUI) that enables non-expert users to identify vulnerabilities and launch exploits to help mitigate network vulnerabilities. This extended CARTT increases the DOD's network systems' cyber-readiness posture by providing necessary fixes, patches, and remediations.
Document Details
- Document Type
- Technical Report
- Publication Date
- Sep 01, 2021
- Accession Number
- AD1164262
Entities
People
- Ousmane M. Goumandakoye
Organizations
- Naval Postgraduate School