Operationalizing the MITRE ATTCK Framework
Offered By: YouTube
Course Description
Overview
Learn about operationalizing the MITRE ATT&CK Framework in this conference talk from BSides Cleveland 2019. Explore the ATT&CK background, taxonomy, and its utility for penetration testing. Discover existing tools and identify gaps in the ATT&CK ecosystem. Delve into practical examples, including DLL techniques and payload deployment with Ansible. Examine the speaker's proposed analytical model for defense, its implementation, and potential confounding variables. Gain insights into future work and participate in a Q&A session to deepen your understanding of applying the ATT&CK framework in real-world scenarios.
Syllabus
Intro
Overview
ATT&CK Background
ATT&CK Taxonomy
Useful Technique Data
Utility of ATT&CK for Penetration Testing - Research question: How many techniques directly applicable to
Existing Tools for ATT&CK
What tools do not exist...
Quick Aside on Student Competitions
Needs Requirement
ATT&CK Techniques Considered (2)
DLL Hello World
DLL Shenanigans
Payloads (1)
Deployment with Ansible
Technique Success?
Switching to Defense
Proposed Analytical Model
Example
Implementation
Model Success... or Lack Thereof
Confounding Variables
Future Work
QUESTIONS?
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network