Advertisement
MITRE - Why It Matters
Report
Mar. 23, 2023•0 likes•22 views
0 likes
Be the first to like this
Show More
views
Total views
0
On Slideshare
0
From embeds
0
Number of embeds
0
Check these out next
MITRE - Why It Matters
Mar. 23, 2023•0 likes•22 views
0 likes
Be the first to like this
Show More
views
Total views
0
On Slideshare
0
From embeds
0
Number of embeds
0
Report
Technology
MITRE - Why It Matters Bill Carter - CATO Networks The MITRE ATT&CK Framework may be a familiar term to cyber professionals, but what are its practical uses? Join Bill Carter of Cato Networks as he discusses the MITRE ATT&CK Framework. Learn how it can be practically utilized for SOC Assessments, Adversary Emulation Exercises, Cyber Threat Intelligence, Threat Detection, and Purple Teaming Methodology to bolster your security posture.
Advertisement
Advertisement
Advertisement
Recommended
infraxstructure: Emil Gągała "Ludzie, procesy, technika – czy wirtualizacja ...PROIDEA
How Cloud Computing will change how you and your team will run ITPeter HJ van Eijk
2-25-2014 Part 1 - NRECA Kickoff Meeting v2Charles "Chuck" Speicher Jr.
Nreca kickoff meetingCharles "Chuck" Speicher Jr.
Encryption in industrial control systems; Is the juice worth the squeeze?Brian Proctor - GICSP, CISSP, CRISC
IT & Security opportunities 2015Sumeer Sharma
MITRE - Why It Matters
- Bill Carter Cybersecurity Engineer MITRE – Why It Matters Cato Networks. The Global SASE Leader.
- Bona Fides | 2
- What Is MITRE? 3
- History of MITRE • Founded in 1958 as Not-For-Profit • Technical Guidance for US Air Force • 1959 – FAA and Air Traffic Control • 1962 – Data Acquisition, Data Processing, System Sciences, Computer Programming • 1971 – Joins ARPANET • 1985 – First Ever .org Domain • 1995 – Y2K Conversion Key Consultant • 1999 – CVE System Created • 2003 – Expansion into Cybersecurity • 2013 – ATT&CK Knowledge Base Developed | 4
- What Is ATT&CK? 5
- What Is ATT&CK? | 6
- What We Usually Think | 7
- TTPs | 8
- Flexible Management • Self-service • Co-managed • Fully managed 9 NG Firewall Secure Web Gateway Advanced Threat Prevention Cloud and Mobile Security Cloud Optimization WAN Optimization Global Route Optimization Self-healing Architecture Branch Datacenter IPSec Internet MPLS Hybrid/Multi Cloud Agentless Mobile Client/Clientless SDP PoP Converged Network & Security TTPs | 9
- Pyramid of Pain David Bianco, SANS Institute | 11
- Cyber Threat Intelligence 12
- Who’s Who | 13
- Playbook | 14
- Adversary Emulation 15
- A Proactive Approach | 16
- Flexible Management • Self-service • Co-managed • Fully managed 17 NG Firewall Secure Web Gateway Advanced Threat Prevention Cloud and Mobile Security Cloud Optimization WAN Optimization Global Route Optimization Self-healing Architecture Branch Datacenter IPSec Internet MPLS Hybrid/Multi Cloud Agentless Mobile Client/Clientless SDP PoP Converged Network & Security Adversary Behaviors | 17
- Attack Flow | 18
- Flexible Management • Self-service • Co-managed • Fully managed 19 NG Firewall Secure Web Gateway Advanced Threat Prevention Cloud and Mobile Security Cloud Optimization WAN Optimization Global Route Optimization Self-healing Architecture Branch Datacenter IPSec Internet MPLS Hybrid/Multi Cloud Agentless Mobile Client/Clientless SDP PoP Converged Network & Security “Recipe Card” | 19
- | 20
- Purple Teaming 21
- Red vs. Blue | 22
- Purple Team Methodology | 23
- Threat Detection 24
- What To Watch | 25
- SOC Assessment 26
- Heatmap | 27
- Moving Forward 28
- Resources • https://attack.mitre.org • https://mitre-attack.github.io/attack-navigator/ • https://app.cybrary.it/my-learning • https://mad.mitre-engenuity.org/ | 29
- Cato SASE. Ready for Whatever’s Next. Thank You! 30
Editor's Notes
- Real World Behaviors
Advertisement