Measuring and Improving Cyber Defense Using the MITRE ATT&CK Framework

preview_player
Показать описание
Through the ATT&CK framework, MITRE has generated a gold mine of information about the most important tactics and techniques used by attackers and how the blue team can detect and prevent these actions. Blocking atomic attack indicators such as domain names and IP addresses might work in the short term, but understanding the higher-level tactics in ATT&CK helps the blue team identify and anticipate attacker activity at a higher level of abstraction, slowing attackers down and giving defenders a fighting chance.

Attendees at this webcast will learn:

-Why the framework is so important to security teams
-How the matrix is evolving
-What challenges users need to address to use the ATT&CK framework
-How to use ATT&CK to improve operations
-What best practices and tools are key to successfully using the framework

Speaker Bio
John Hubbard

John Hubbard is a certified SANS instructor and the author of two courses: SEC450: Blue Team Fundamentals: Security Operations and Analysis and SEC455: SIEM Design & Implementation. As a security operations center (SOC) consultant and speaker, John specializes in security operations, threat hunting, network security monitoring, SIEM design and defensive process optimization. His mission to improve blue teams led him to partner with SANS to help develop the next generation of defensive talent around the world.
  1. Corelight
Рекомендации по теме
Measuring and Improving 1:00:03

Measuring and Improving Cyber Defense Using the MITRE ATT&CK Framework

Measuring Cyber Defense 0:22:48

Measuring Cyber Defense With The MITRE Framework - Marcus Osterloh

Building the Better 0:16:24

Building the Better Playbook: Techniques to Improve Repeatability | SANS Cyber Defense Forum 2020

A Day in 0:00:16

A Day in the Life of Cyber Security | SOC Analyst | Penetration Tester | Cyber Security Training

Strategy 10: Measure 0:54:05

Strategy 10: Measure Performance to Improve Performance

Strategy 10: Measure 0:52:33

Strategy 10: Measure Performance to Improve Performance | SANS Blueprint Podcast

DEFCON 22: Measuring 0:42:36

DEFCON 22: Measuring the IQ of your Threat Intelligence Feeds (#tiqtest)

Metrics on Steroids: 0:37:16

Metrics on Steroids: Improving SOC Maturity using the SOC-CMM | SANS Cyber Defense Forum 2020

CompTIA SecurityX is 0:50:14

CompTIA SecurityX is here (CASP+ is no more): What you need to know

Measure What Matters: 0:16:31

Measure What Matters: How to Use ATT&CK to Do the Right Things in the Right Order – January 2021...

Taking Your Detection 0:22:18

Taking Your Detection Program to the Next Level | SANS Cyber Defense Forum 2020

Evaluate the Strength 0:01:06

Evaluate the Strength of Your Cyber Defense Program with the NCSR

Sounil Yu, The 0:33:05

Sounil Yu, The Cyber Defense Matrix: A Scientific Model for Cybersecurity

Cyber Defense Matrix: 0:46:18

Cyber Defense Matrix: Revolutions

Measuring the ROI 0:03:28

Measuring the ROI of Cyber Security

Webinar: Measuring Effectiveness 0:57:30

Webinar: Measuring Effectiveness With MITRE ATT&CK

Cybersecurity Threat Hunting 0:06:51

Cybersecurity Threat Hunting Explained

Measuring Your Cyber 0:46:04

Measuring Your Cyber Security Risks

A Day in 0:00:57

A Day in the Life of a Cybersecurity Consultant

Adversary Simulation: Measure 0:36:48

Adversary Simulation: Measure and Close the Gaps in Your Security Posture

Webinar: Building, Measuring, 0:55:04

Webinar: Building, Measuring, and Maintaining a Cybersecurity Program with NIST and MITRE ATT&CK

DEF CON 29 0:27:17

DEF CON 29 Biohacking Village - Sounil Yu - Cyber Defense Matrix in Healthcare

CTA Webinar Metrics 0:38:24

CTA Webinar Metrics that Matter: Measuring and Communicating Progress in Cyber in 2023

Rob van Os: 0:50:17

Rob van Os: Maturing your Cyber Defense