Contextualizing the MITRE ATT&CK® Framework



The MITRE ATT&CK framework is a powerful tool that provides a language to define, track, and categorize attacker tactics, techniques, and procedures (TTPs). But what if you could use it to gain a deeper understanding of how, why, and when attackers may abuse a technique? By combining threat actor intelligence with the ATT&CK "dictionary," you can add critical context to your detections to increase the effectiveness of your security controls tests and the fidelity of your results.

 

In this webcast, Matt Bromiley, SANS Digital Forensics and Incident Response (DFIR) instructor, describes how you can make the most of ATT&CK and develop a process to read, interpret, contextualize, and test within your environment.

 

Attendees will learn to:

  • Use ATT&CK to read threat intelligence reports and identify key TTPs for control testing.
  • Design efficient, lifecycle-appropriate security control tests that increase the fidelity of your results.
  • Use control testing to identify and prioritize visibility gaps.
  • Determine how your environment would hold up against the latest in attacker techniques.
  • Understand the limitations of ATT&CK.

Register today and be among the first to receive the associated whitepaper written by Matt Bromiley.

Relevant Government Agencies

Other Federal Agencies, Federal Government, State & Local Government


Event Type
Webcast


This event has no exhibitor/sponsor opportunities


When
Tue, Apr 27, 2021, 10:30am ET


Cost
Complimentary: $0.00




Organizer
SANS Institute

