Test malware to evade detection
An adversary can run their code on systems with cyber security protections, such as antivirus products, in place to see if their code is detected. They can also test their malware on freely available public services. 
Tactic: Test Capabilities
DetectionDetectable by Common Defenses (Yes/No/Partial): No
Explanation: Adversary controls the testing and can ensure data does not leak with proper OPSEC on testing.
Difficulty for the AdversaryEasy for the Adversary (Yes/No): Yes
Explanation: Adversary has the ability to procure products and not have reporting return to vendors or can choose to use freely available services
- Damballa Day Before Zero Blog. (2009, December 17). Malware QA and Exploit Testing Services – Virtest.com. Retrieved March 9, 2017.