YoVDO

Don't Boil the Ocean - Using MITRE ATT&CK to Guide Hunting Activity

Offered By: Security BSides San Francisco via YouTube

Tags

Security BSides Courses Cybersecurity Courses Threat Hunting Courses Mitre Att&ck Framework Courses Adversary Emulation Courses

Course Description

Overview

Explore a focused approach to threat hunting using the MITRE ATT&CK framework in this 31-minute conference talk from Security BSides San Francisco 2019. Learn how to overcome the challenge of "boiling the ocean" by developing specific, purposeful hunting strategies. Discover techniques for building hypotheses and plans based on the MITRE ATT&CK framework, enabling more effective threat identification. Through an adversary emulation developed at Splunk, gain insights into applying ATT&CK techniques to identify artifacts and indicators. Understand how to leverage initial findings to drive additional hunts, creating a cyclical process that enhances operational effectiveness and deepens threat hunting capabilities.

Syllabus

BSidesSF 2019 - Don't Boil the Ocean: Using MITRE ATT&CK to Guide Hunting Activity (John Stoner)


Taught by

Security BSides San Francisco

Related Courses

Privilege Escalation with Rubeus
Pluralsight
Reconnaissance with OWASP Amass
Pluralsight
Defense Evasion with ProxyChains
Pluralsight
Reconnaissance with Sn1per
Pluralsight
Execution with macro_pack
Pluralsight