@staticnoisexyz I agree, how do we establish that balance? IOCs coupled with the release of open source offensive tooling is a tough one. Blue's priority is to develop detection for said C2 frameworks, Red's priority is to bypass detections or rather, remain undetected.