YoVDO

Don't Boil the Ocean - Using MITRE ATT&CK to Guide Hunting Activity

Offered By: Security BSides San Francisco via YouTube

Tags

Security BSides Courses Cybersecurity Courses Threat Hunting Courses Mitre Att&ck Framework Courses Adversary Emulation Courses

Course Description

Overview

Explore a focused approach to threat hunting using the MITRE ATT&CK framework in this 31-minute conference talk from Security BSides San Francisco 2019. Learn how to overcome the challenge of "boiling the ocean" by developing specific, purposeful hunting strategies. Discover techniques for building hypotheses and plans based on the MITRE ATT&CK framework, enabling more effective threat identification. Through an adversary emulation developed at Splunk, gain insights into applying ATT&CK techniques to identify artifacts and indicators. Understand how to leverage initial findings to drive additional hunts, creating a cyclical process that enhances operational effectiveness and deepens threat hunting capabilities.

Syllabus

BSidesSF 2019 - Don't Boil the Ocean: Using MITRE ATT&CK to Guide Hunting Activity (John Stoner)


Taught by

Security BSides San Francisco

Related Courses

Computer Security
Stanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network