MITRE - ATT&CKcon, profile picture
Uploaded byMITRE - ATT&CKcon
PDF, PPTX913 views

Sharpening your Threat-Hunting Program with ATTACK Framework

The document discusses the enhancement of threat hunting programs using the MITRE ATT&CK framework, emphasizing the differences between threat hunting and detection methods. It highlights a case study on combating APT32, detailing the methodologies and findings related to advanced threats in a large enterprise context. Key takeaways include the importance of assuming a breach mindset, training for threat hunting skills, and developing a strategic roadmap for implementation.

Embed presentation

Download as PDF, PPTX
Sharpening your Threat-Hunting Program with ATTACK Framework
Sharpening your Threat-Hunting Program with ATTACK Framework
Sharpening your Threat-Hunting Program with ATTACK Framework
Sharpening your Threat-Hunting Program with ATTACK Framework
Sharpening your Threat-Hunting Program with ATTACK Framework
Sharpening your Threat-Hunting Program with ATTACK Framework
Sharpening your Threat-Hunting Program with ATTACK Framework
Sharpening your Threat-Hunting Program with ATTACK Framework
Sharpening your Threat-Hunting Program with ATTACK Framework
Sharpening your Threat-Hunting Program with ATTACK Framework
Sharpening your Threat-Hunting Program with ATTACK Framework
Sharpening your Threat-Hunting Program with ATTACK Framework
Sharpening your Threat-Hunting Program with ATTACK Framework
Sharpening your Threat-Hunting Program with ATTACK Framework
Sharpening your Threat-Hunting Program with ATTACK Framework
Sharpening your Threat-Hunting Program with ATTACK Framework
Sharpening your Threat-Hunting Program with ATTACK Framework
Sharpening your Threat-Hunting Program with ATTACK Framework
Sharpening your Threat-Hunting Program with ATTACK Framework
Sharpening your Threat-Hunting Program with ATTACK Framework

More Related Content

PDF
From Theory to Practice: How My ATTACK Perspectives Have Changed
byMITRE - ATT&CKcon
 
PDF
Measure What Matters: How to Use MITRE ATTACK to do the Right Things in the R...
byMITRE - ATT&CKcon
 
PDF
It's just a jump to the left (of boom): Prioritizing detection implementation...
byMITRE ATT&CK
 
PDF
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CK
byMITRE ATT&CK
 
PDF
MITRE ATT&CKcon 2.0: Lessons in Purple Team Testing with MITRE ATT&CK; Daniel...
byMITRE - ATT&CKcon
 
PDF
What is ATT&CK coverage, anyway? Breadth and depth analysis with Atomic Red Team
byMITRE ATT&CK
 
PDF
FIRST CTI Symposium: Turning intelligence into action with MITRE ATT&CK™
byKatie Nickels
 
PDF
Threat-Based Adversary Emulation with MITRE ATT&CK
byKatie Nickels
 
From Theory to Practice: How My ATTACK Perspectives Have Changed
byMITRE - ATT&CKcon
 
Measure What Matters: How to Use MITRE ATTACK to do the Right Things in the R...
byMITRE - ATT&CKcon
 
It's just a jump to the left (of boom): Prioritizing detection implementation...
byMITRE ATT&CK
 
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CK
byMITRE ATT&CK
 
MITRE ATT&CKcon 2.0: Lessons in Purple Team Testing with MITRE ATT&CK; Daniel...
byMITRE - ATT&CKcon
 
What is ATT&CK coverage, anyway? Breadth and depth analysis with Atomic Red Team
byMITRE ATT&CK
 
FIRST CTI Symposium: Turning intelligence into action with MITRE ATT&CK™
byKatie Nickels
 
Threat-Based Adversary Emulation with MITRE ATT&CK
byKatie Nickels
 

What's hot

PDF
Exploring how Students Map Social Engineering Techniques to the ATT&CK Framew...
byMITRE ATT&CK
 
PDF
Mapping ATT&CK Techniques to ENGAGE Activities
byMITRE ATT&CK
 
PDF
Would you Rather Have Telemetry into 2 Attacks or 20? An Insight Into Highly ...
byMITRE ATT&CK
 
PDF
Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...
byMITRE ATT&CK
 
PDF
ATTACKers Think in Graphs: Building Graphs for Threat Intelligence
byMITRE - ATT&CKcon
 
PDF
State of the ATT&CK
byMITRE ATT&CK
 
PDF
MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...
byMITRE - ATT&CKcon
 
PDF
MITRE ATT&CKcon 2018: Hunters ATT&CKing with the Data, Roberto Rodriguez, Spe...
byMITRE - ATT&CKcon
 
PDF
How MITRE ATT&CK helps security operations
bySergey Soldatov
 
PDF
Introduction to MITRE ATT&CK
byArpan Raval
 
PDF
ATT&CK Updates- Defensive ATT&CK
byMITRE ATT&CK
 
PDF
MITRE ATT&CKcon 2018: Summiting the Pyramid of Pain: Operationalizing ATT&CK,...
byMITRE - ATT&CKcon
 
PPTX
Effective Threat Hunting with Tactical Threat Intelligence
byDhruv Majumdar
 
PDF
ATTACK-Onomics: Attacking the Economics Behind Techniques Used by Adversaries
byMITRE - ATT&CKcon
 
PPTX
Purple Teaming with ATT&CK - x33fcon 2018
byChristopher Korban
 
PPTX
Cyber threat intelligence: maturity and metrics
byMark Arena
 
PPTX
Leveraging MITRE ATT&CK - Speaking the Common Language
byErik Van Buggenhout
 
PDF
Global Cyber Threat Intelligence
byNTT Innovation Institute Inc.
 
PDF
Cyber Threat Intelligence
bymohamed nasri
 
PDF
Purple Teaming the Cyber Kill Chain: Practical Exercises for Everyone Sector...
byChris Gates
 
Exploring how Students Map Social Engineering Techniques to the ATT&CK Framew...
byMITRE ATT&CK
 
Mapping ATT&CK Techniques to ENGAGE Activities
byMITRE ATT&CK
 
Would you Rather Have Telemetry into 2 Attacks or 20? An Insight Into Highly ...
byMITRE ATT&CK
 
Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...
byMITRE ATT&CK
 
ATTACKers Think in Graphs: Building Graphs for Threat Intelligence
byMITRE - ATT&CKcon
 
State of the ATT&CK
byMITRE ATT&CK
 
MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...
byMITRE - ATT&CKcon
 
MITRE ATT&CKcon 2018: Hunters ATT&CKing with the Data, Roberto Rodriguez, Spe...
byMITRE - ATT&CKcon
 
How MITRE ATT&CK helps security operations
bySergey Soldatov
 
Introduction to MITRE ATT&CK
byArpan Raval
 
ATT&CK Updates- Defensive ATT&CK
byMITRE ATT&CK
 
MITRE ATT&CKcon 2018: Summiting the Pyramid of Pain: Operationalizing ATT&CK,...
byMITRE - ATT&CKcon
 
Effective Threat Hunting with Tactical Threat Intelligence
byDhruv Majumdar
 
ATTACK-Onomics: Attacking the Economics Behind Techniques Used by Adversaries
byMITRE - ATT&CKcon
 
Purple Teaming with ATT&CK - x33fcon 2018
byChristopher Korban
 
Cyber threat intelligence: maturity and metrics
byMark Arena
 
Leveraging MITRE ATT&CK - Speaking the Common Language
byErik Van Buggenhout
 
Global Cyber Threat Intelligence
byNTT Innovation Institute Inc.
 
Cyber Threat Intelligence
bymohamed nasri
 
Purple Teaming the Cyber Kill Chain: Practical Exercises for Everyone Sector...
byChris Gates
 

Similar to Sharpening your Threat-Hunting Program with ATTACK Framework

PPTX
Putting MITRE ATT&CK into Action with What You Have, Where You Are
byKatie Nickels
 
PPTX
MITRE ATT&CK framework
byBhushan Gurav
 
PDF
PHDays 2018 Threat Hunting Hands-On Lab
byTeymur Kheirkhabarov
 
PDF
MITRE ATT&CK Updates: State of the ATT&CK (ATT&CKcon 4.0 Edition)
byMITRE ATT&CK
 
PPTX
Threat hunting and achieving security maturity
byDNIF
 
PDF
MITRE-Module 2 Slides.pdf
byReZa AdineH
 
PDF
Leveraging Campaigns to Untangle the Threat Group Ship of Theseus
byAdam Pennington
 
PPTX
The Indicators of Compromise
byTomasz Jakubowski
 
PPTX
How I Learned to Stop Information Sharing and Love the DIKW
bySounil Yu
 
PPTX
Enterprise-MITRE-ATTandCK-Threat-Hunting _ Updated.pptx
byBheemeshChowdary2
 
PPTX
Incident Response: Validation, Containment & Forensics
byPriyanka Aash
 
PPTX
Connecting the Dots - Mastering Alert Correlation for Proactive Defense in th...
byCloud Village
 
PDF
Advanced Threats and Lateral Movement Detection
byGreg Foss
 
PDF
MITRE-Module 3 Slides.pdf
byReZa AdineH
 
PPTX
BSides London 2017 - Hunt Or Be Hunted
byAlex Davies
 
PDF
State of ATT&CK
byAdam Pennington
 
PDF
Detection of Spreading Process on many assets over the network
bySecurity Bootcamp
 
PPTX
BSIDES-PR Keynote Hunting for Bad Guys
byJoff Thyer
 
PDF
4 Getting Started & 5 Leads
bySam Bowne
 
PDF
One Technique, Two Techniques, Red Technique, Blue Technique
byDaniel Weiss
 
Putting MITRE ATT&CK into Action with What You Have, Where You Are
byKatie Nickels
 
MITRE ATT&CK framework
byBhushan Gurav
 
PHDays 2018 Threat Hunting Hands-On Lab
byTeymur Kheirkhabarov
 
MITRE ATT&CK Updates: State of the ATT&CK (ATT&CKcon 4.0 Edition)
byMITRE ATT&CK
 
Threat hunting and achieving security maturity
byDNIF
 
MITRE-Module 2 Slides.pdf
byReZa AdineH
 
Leveraging Campaigns to Untangle the Threat Group Ship of Theseus
byAdam Pennington
 
The Indicators of Compromise
byTomasz Jakubowski
 
How I Learned to Stop Information Sharing and Love the DIKW
bySounil Yu
 
Enterprise-MITRE-ATTandCK-Threat-Hunting _ Updated.pptx
byBheemeshChowdary2
 
Incident Response: Validation, Containment & Forensics
byPriyanka Aash
 
Connecting the Dots - Mastering Alert Correlation for Proactive Defense in th...
byCloud Village
 
Advanced Threats and Lateral Movement Detection
byGreg Foss
 
MITRE-Module 3 Slides.pdf
byReZa AdineH
 
BSides London 2017 - Hunt Or Be Hunted
byAlex Davies
 
State of ATT&CK
byAdam Pennington
 
Detection of Spreading Process on many assets over the network
bySecurity Bootcamp
 
BSIDES-PR Keynote Hunting for Bad Guys
byJoff Thyer
 
4 Getting Started & 5 Leads
bySam Bowne
 
One Technique, Two Techniques, Red Technique, Blue Technique
byDaniel Weiss
 

More from MITRE - ATT&CKcon

PDF
Using ATTACK to Create Cyber DBTS for Nuclear Power Plants
byMITRE - ATT&CKcon
 
PDF
Helping Small Companies Leverage CTI with an Open Source Threat Mapping
byMITRE - ATT&CKcon
 
PDF
MITRE ATT&CKcon 2.0: Prioritizing ATT&CK Informed Defenses the CIS Way; Phili...
byMITRE - ATT&CKcon
 
PDF
State of the ATTACK
byMITRE - ATT&CKcon
 
PDF
MITRE ATT&CKcon 2.0: Flashback with ATT&CK: Exploring Malware History with AT...
byMITRE - ATT&CKcon
 
PDF
MITRE ATTACKCon Power Hour - December
byMITRE - ATT&CKcon
 
PDF
MITRE ATT&CKcon Power Hour - November
byMITRE - ATT&CKcon
 
PDF
MITRE ATTACKcon Power Hour - January
byMITRE - ATT&CKcon
 
PDF
What's New with ATTACK for ICS?
byMITRE - ATT&CKcon
 
PDF
ATTACKing the Cloud: Hopping Between the Matrices
byMITRE - ATT&CKcon
 
PDF
MITRE ATTACKcon Power Hour - October
byMITRE - ATT&CKcon
 
PDF
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research
byMITRE - ATT&CKcon
 
PDF
Putting the PRE into ATTACK
byMITRE - ATT&CKcon
 
PDF
What's a MITRE with your Security?
byMITRE - ATT&CKcon
 
PDF
TA505: A Study of High End Big Game Hunting in 2020
byMITRE - ATT&CKcon
 
PDF
Mapping the EventBot Mobile Banking Trojan with MITRE ATTACK for Mobile
byMITRE - ATT&CKcon
 
PDF
Transforming Adversary Emulation Into a Data Analysis Question
byMITRE - ATT&CKcon
 
PDF
MITRE ATT&CKcon 2.0: Keynote Address - The Friends We Made Along the Way; Ton...
byMITRE - ATT&CKcon
 
PDF
What's New with ATTACK for Cloud?
byMITRE - ATT&CKcon
 
PDF
Starting Over with Sub-Techniques
byMITRE - ATT&CKcon
 
Using ATTACK to Create Cyber DBTS for Nuclear Power Plants
byMITRE - ATT&CKcon
 
Helping Small Companies Leverage CTI with an Open Source Threat Mapping
byMITRE - ATT&CKcon
 
MITRE ATT&CKcon 2.0: Prioritizing ATT&CK Informed Defenses the CIS Way; Phili...
byMITRE - ATT&CKcon
 
State of the ATTACK
byMITRE - ATT&CKcon
 
MITRE ATT&CKcon 2.0: Flashback with ATT&CK: Exploring Malware History with AT...
byMITRE - ATT&CKcon
 
MITRE ATTACKCon Power Hour - December
byMITRE - ATT&CKcon
 
MITRE ATT&CKcon Power Hour - November
byMITRE - ATT&CKcon
 
MITRE ATTACKcon Power Hour - January
byMITRE - ATT&CKcon
 
What's New with ATTACK for ICS?
byMITRE - ATT&CKcon
 
ATTACKing the Cloud: Hopping Between the Matrices
byMITRE - ATT&CKcon
 
MITRE ATTACKcon Power Hour - October
byMITRE - ATT&CKcon
 
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research
byMITRE - ATT&CKcon
 
Putting the PRE into ATTACK
byMITRE - ATT&CKcon
 
What's a MITRE with your Security?
byMITRE - ATT&CKcon
 
TA505: A Study of High End Big Game Hunting in 2020
byMITRE - ATT&CKcon
 
Mapping the EventBot Mobile Banking Trojan with MITRE ATTACK for Mobile
byMITRE - ATT&CKcon
 
Transforming Adversary Emulation Into a Data Analysis Question
byMITRE - ATT&CKcon
 
MITRE ATT&CKcon 2.0: Keynote Address - The Friends We Made Along the Way; Ton...
byMITRE - ATT&CKcon
 
What's New with ATTACK for Cloud?
byMITRE - ATT&CKcon
 
Starting Over with Sub-Techniques
byMITRE - ATT&CKcon
 

Recently uploaded

PPTX
Tracking Progress on Monitoring, Evaluation, and Learning for National Adapta...
byNAP Global Network
 
PDF
Lista de ciudadanos bolivianos registrados como postulantes para vocales del ...
bygyapura1
 
PPTX
School improvement Plan Crafting workshop
bykhristinirishrontas4
 
PDF
PPT Item # 13 - Financial & Inv. Report 4th Qtr
byahcitycouncil
 
PPTX
Copy of Presentation - CY-2025-LGU-Profiling-Orientation-November-27-2025.pptx
byEphraimSaarenas1
 
PDF
UNEP Global Environment Outlook_7 - Full Report
byEnergy for One World
 
PPTX
Enhanced_Future_Ready_Workforce_Viksit_Bharat_PPT.pptx
byp9745542
 
PPTX
Peace and Order and Public Safety-Planning-and-POPS-PCMS
byEphraimSaarenas1
 
PDF
Mind over matter: Attention’s capture, & retention as new battlespace
bySanjana Hattotuwa
 
PPTX
Chapter 1oneGlobal trend. power point presentation
bydessiea134
 
PDF
Rapport sur la National Security Strategy de 2025
bySociété Tripalio
 
PDF
US Government 2025 National Security Strategy
byEnergy for One World
 
PPTX
BLOOD TRANSFUSION physiology and pathology .pptx
byggdharra
 
PPTX
Did America’s GDP Improve After Trump Returned?
byKritika Chauhan
 
PDF
Item # 10 - Coral Studios Public Park proposed design development
byahcitycouncil
 
PDF
PPT Item # 10 - Coral Studio Public Park proposed design development
byahcitycouncil
 
PDF
Item # 11 - Notice of Intent (NOI) 6900 Broadway
byahcitycouncil
 
PDF
Commentary by Dutch NewsPaper on the Trump administration National Security v...
byEnergy for One World
 
PPTX
Emergency care in the streets chapter 43
byJustinYarnell
 
PDF
UNEP Global Environment Outlook : GEO7-Key-Messages
byEnergy for One World
 
Tracking Progress on Monitoring, Evaluation, and Learning for National Adapta...
byNAP Global Network
 
Lista de ciudadanos bolivianos registrados como postulantes para vocales del ...
bygyapura1
 
School improvement Plan Crafting workshop
bykhristinirishrontas4
 
PPT Item # 13 - Financial & Inv. Report 4th Qtr
byahcitycouncil
 
Copy of Presentation - CY-2025-LGU-Profiling-Orientation-November-27-2025.pptx
byEphraimSaarenas1
 
UNEP Global Environment Outlook_7 - Full Report
byEnergy for One World
 
Enhanced_Future_Ready_Workforce_Viksit_Bharat_PPT.pptx
byp9745542
 
Peace and Order and Public Safety-Planning-and-POPS-PCMS
byEphraimSaarenas1
 
Mind over matter: Attention’s capture, & retention as new battlespace
bySanjana Hattotuwa
 
Chapter 1oneGlobal trend. power point presentation
bydessiea134
 
Rapport sur la National Security Strategy de 2025
bySociété Tripalio
 
US Government 2025 National Security Strategy
byEnergy for One World
 
BLOOD TRANSFUSION physiology and pathology .pptx
byggdharra
 
Did America’s GDP Improve After Trump Returned?
byKritika Chauhan
 
Item # 10 - Coral Studios Public Park proposed design development
byahcitycouncil
 
PPT Item # 10 - Coral Studio Public Park proposed design development
byahcitycouncil
 
Item # 11 - Notice of Intent (NOI) 6900 Broadway
byahcitycouncil
 
Commentary by Dutch NewsPaper on the Trump administration National Security v...
byEnergy for One World
 
Emergency care in the streets chapter 43
byJustinYarnell
 
UNEP Global Environment Outlook : GEO7-Key-Messages
byEnergy for One World