Operationalizing the MITRE ATTCK Framework
Offered By: YouTube
Course Description
Overview
Learn about operationalizing the MITRE ATT&CK Framework in this conference talk from BSides Cleveland 2019. Explore the ATT&CK background, taxonomy, and its utility for penetration testing. Discover existing tools and identify gaps in the ATT&CK ecosystem. Delve into practical examples, including DLL techniques and payload deployment with Ansible. Examine the speaker's proposed analytical model for defense, its implementation, and potential confounding variables. Gain insights into future work and participate in a Q&A session to deepen your understanding of applying the ATT&CK framework in real-world scenarios.
Syllabus
Intro
Overview
ATT&CK Background
ATT&CK Taxonomy
Useful Technique Data
Utility of ATT&CK for Penetration Testing - Research question: How many techniques directly applicable to
Existing Tools for ATT&CK
What tools do not exist...
Quick Aside on Student Competitions
Needs Requirement
ATT&CK Techniques Considered (2)
DLL Hello World
DLL Shenanigans
Payloads (1)
Deployment with Ansible
Technique Success?
Switching to Defense
Proposed Analytical Model
Example
Implementation
Model Success... or Lack Thereof
Confounding Variables
Future Work
QUESTIONS?
Related Courses
Network SecurityGeorgia Institute of Technology via Udacity Proactive Computer Security
University of Colorado System via Coursera Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery
(ISC)² via Coursera Hacker101
HackerOne via Independent CNIT 127: Exploit Development
CNIT - City College of San Francisco via Independent