Robot Framework and endpoint detection agents at Secureworks
03-01, 16:00–16:30 (UTC), Gather Town

This talk will cover various high-level ways that Robot Framework is utilized at Secureworks for testing endpoint detection agents used on thousands of Linux, Mac and Windows customer machines.


"The world has many cybersecurity threat actors that will use any tool at their disposal to expose and monopolize potential security vulnerabilities. At Secureworks, we keep an open mind about learning the latest adversary tactics, and seamlessly switching context to experiment with new bleeding-edge detection techniques. For the past 2.5 years I have proven to my team that Robot Framework is the ideal QA Swiss Army tool to match the context switching that is required to build high-quality XDR products.

In this talk I will give a high-level overview of how the Secureworks Agent QA Team uses Robot Framework for various endpoint agent test strategies, such as...
- Robot Framework and Docker strategies testing endpoint agents on Virtual Machines
- Automation at scale through QA GitLab pipelines (Linux, Mac and Windows)
- Parallel running Robot Framework Gatling + Docker load test strategies
- Torture testing an endpoint agent using Robot Framework with Chaos Testing and Model Based Testing
- Combining PaBot + Vagrant + Robot Framework DataDriver Library to dynamically automate the MITRE ATT&CK Framework"

I have been a tester for roughly 18 years and am currently working at Secureworks as a QA Tech Lead for the Taegis Agent Team. I have worked in agency and product companies. I love testing, and have an insatiable curiosity for researching anything related to testing. At the moment I am most interested in experimenting with software test oracles, machine learning tools, fuzz testing, model-based testing, and learning more about rapid software testing methodology (https://www.satisfice.com/).