
(ISC)² Security Congress 2021 - Career Center & Recordings

1778681 - The Map and the Territory: MITRE ATT&CK In Theory and Practice


Oct 18, 2021 11:00am ‐ Oct 18, 2021 12:00pm



Credits: None available.

Description

Cybersecurity practitioners have often drawn insights and ideas from other domains, adopting their maxims and terminology. Sun Tzu famously wrote, “If you know the enemy and know yourself, you need not fear the result of a hundred battles.” Carl Linnaeus is credited with developing the standard taxonomy for naming organisms. Only recently, however, has our industry begun to effectively apply the synthesis of such ideas. The MITRE ATT&CK Framework, publicly released in 2015, has been growing in scope and influence, but it is not the first of its kind. How does it compare with its predecessors in improving our understanding of adversary behavior and our defenses? This talk describes key concepts and goals of MITRE ATT&CK to help support successful implementations.

Learning Objectives:
  • Understand the origins, design goals and components of the MITRE ATT&CK Framework.
  • Compare and contrast the MITRE ATT&CK Framework with other frameworks in order to judge appropriateness for and applicability to an organization's security programs.
  • Use the MITRE ATT&CK Framework to correlate between offensive actions and defensive capabilities and measure coverage of ATT&CK techniques.

Speaker(s):

Tags: Intermediate

Credits

  • 1.00 - CPE


charles searl
10/19/21 5:43 pm

Watched the session but never saw any alertness checks like the live session? Will look for the eval form.

Michiel Spoor
10/20/21 7:23 am

@Charles Searl - the eval form is in the 'CE Information' tab.

Isabel Raven
10/21/21 8:49 pm

Liked the openness of his closing remark "For me, the value of MITRE is less a compliance exercise and more one of trying to do a quantitative assessment of what your defenses really look like."

David Zarsky
11/1/21 4:26 pm

No alertness checks that I saw either. Also agree that the framework is more of a look back than ahead.

Susan Richardson
11/24/21 9:10 am

Being able to look back is very valuable - and to have a comprehensive look at techniques, tactics, etc. all in one place is so efficient.