Protocol first
The project starts with a locked research protocol before corpus collection, mutation generation, evaluation, or analysis begins.
Protocol v1.0.0 - Locked
BrittleBench
A defender's audit of public detection content robustness.
A research project measuring how robust public YARA, Elastic, and high-fidelity Sigma-to-Elastic detection content remains under validated, functionally equivalent mutations of the behaviors those rules are intended to detect.
Detection robustness
BrittleBench studies whether public detection rules generalize across functionally equivalent variants of the behaviors they target.
Responsible release
Raw mutation artifacts and dual-use details are handled separately from sanitized public benchmark outputs.