Submit Search
Upload
ATT&CK Updates- Defensive ATT&CK
•
1 like
•
681 views
M
MITRE ATT&CK
Follow
From ATT&CKcon 3.0 By Lex Crumpton, MITRE ATT&CK
Read less
Read more
Technology
Report
Share
Report
Share
1 of 9
Download now
Download to read offline
Recommended
Mapping ATT&CK Techniques to ENGAGE Activities
Mapping ATT&CK Techniques to ENGAGE Activities
MITRE ATT&CK
It's just a jump to the left (of boom): Prioritizing detection implementation...
It's just a jump to the left (of boom): Prioritizing detection implementation...
MITRE ATT&CK
Would you Rather Have Telemetry into 2 Attacks or 20? An Insight Into Highly ...
Would you Rather Have Telemetry into 2 Attacks or 20? An Insight Into Highly ...
MITRE ATT&CK
ATT&CK Updates- Campaigns
ATT&CK Updates- Campaigns
MITRE ATT&CK
What is ATT&CK coverage, anyway? Breadth and depth analysis with Atomic Red Team
What is ATT&CK coverage, anyway? Breadth and depth analysis with Atomic Red Team
MITRE ATT&CK
ATT&CKing the Red/Blue Divide
ATT&CKing the Red/Blue Divide
MITRE ATT&CK
State of the ATT&CK
State of the ATT&CK
MITRE ATT&CK
Exploring how Students Map Social Engineering Techniques to the ATT&CK Framew...
Exploring how Students Map Social Engineering Techniques to the ATT&CK Framew...
MITRE ATT&CK
Recommended
Mapping ATT&CK Techniques to ENGAGE Activities
Mapping ATT&CK Techniques to ENGAGE Activities
MITRE ATT&CK
It's just a jump to the left (of boom): Prioritizing detection implementation...
It's just a jump to the left (of boom): Prioritizing detection implementation...
MITRE ATT&CK
Would you Rather Have Telemetry into 2 Attacks or 20? An Insight Into Highly ...
Would you Rather Have Telemetry into 2 Attacks or 20? An Insight Into Highly ...
MITRE ATT&CK
ATT&CK Updates- Campaigns
ATT&CK Updates- Campaigns
MITRE ATT&CK
What is ATT&CK coverage, anyway? Breadth and depth analysis with Atomic Red Team
What is ATT&CK coverage, anyway? Breadth and depth analysis with Atomic Red Team
MITRE ATT&CK
ATT&CKing the Red/Blue Divide
ATT&CKing the Red/Blue Divide
MITRE ATT&CK
State of the ATT&CK
State of the ATT&CK
MITRE ATT&CK
Exploring how Students Map Social Engineering Techniques to the ATT&CK Framew...
Exploring how Students Map Social Engineering Techniques to the ATT&CK Framew...
MITRE ATT&CK
The ATT&CK Latin American APT Playbook
The ATT&CK Latin American APT Playbook
MITRE ATT&CK
Projects to Impact- Operationalizing Work from the Center
Projects to Impact- Operationalizing Work from the Center
MITRE ATT&CK
ATT&CK Updates- ATT&CK's Open Source
ATT&CK Updates- ATT&CK's Open Source
MITRE ATT&CK
ATT&CK Updates- ATT&CK for mac/Linux
ATT&CK Updates- ATT&CK for mac/Linux
MITRE ATT&CK
Knowledge for the masses: Storytelling with ATT&CK
Knowledge for the masses: Storytelling with ATT&CK
MITRE ATT&CK
The ATT&CK Philharmonic
The ATT&CK Philharmonic
MITRE ATT&CK
Automating the mundanity of technique IDs with ATT&CK Detections Collector
Automating the mundanity of technique IDs with ATT&CK Detections Collector
MITRE ATT&CK
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CK
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CK
MITRE ATT&CK
Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...
Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...
MITRE ATT&CK
Landing on Jupyter: The transformative power of data-driven storytelling for ...
Landing on Jupyter: The transformative power of data-driven storytelling for ...
MITRE ATT&CK
Threat Modelling - It's not just for developers
Threat Modelling - It's not just for developers
MITRE ATT&CK
ATT&CK Metaverse - Exploring the Limitations of Applying ATT&CK
ATT&CK Metaverse - Exploring the Limitations of Applying ATT&CK
MITRE ATT&CK
ATT&CKcon Intro
ATT&CKcon Intro
MITRE ATT&CK
Intelligence Failures of Lincolns Top Spies: What CTI Analysts Can Learn Fro...
Intelligence Failures of Lincolns Top Spies: What CTI Analysts Can Learn Fro...
MITRE ATT&CK
ATT&CKING Containers in The Cloud
ATT&CKING Containers in The Cloud
MITRE ATT&CK
ATT&CK Updates- ATT&CK for ICS
ATT&CK Updates- ATT&CK for ICS
MITRE ATT&CK
Automation: The Wonderful Wizard of CTI (or is it?)
Automation: The Wonderful Wizard of CTI (or is it?)
MITRE ATT&CK
MITRE ATT&CKcon 2.0: ATT&CK Coverage Assessment from a Data Perspective; Olaf...
MITRE ATT&CKcon 2.0: ATT&CK Coverage Assessment from a Data Perspective; Olaf...
MITRE - ATT&CKcon
ATTACKers Think in Graphs: Building Graphs for Threat Intelligence
ATTACKers Think in Graphs: Building Graphs for Threat Intelligence
MITRE - ATT&CKcon
When Insiders ATT&CK!
When Insiders ATT&CK!
MITRE ATT&CK
DevTalks 2021 Cloud Engineering @Crowdstrike
DevTalks 2021 Cloud Engineering @Crowdstrike
Cosmin Bratu
Putting the PRE into ATTACK
Putting the PRE into ATTACK
MITRE - ATT&CKcon
More Related Content
What's hot
The ATT&CK Latin American APT Playbook
The ATT&CK Latin American APT Playbook
MITRE ATT&CK
Projects to Impact- Operationalizing Work from the Center
Projects to Impact- Operationalizing Work from the Center
MITRE ATT&CK
ATT&CK Updates- ATT&CK's Open Source
ATT&CK Updates- ATT&CK's Open Source
MITRE ATT&CK
ATT&CK Updates- ATT&CK for mac/Linux
ATT&CK Updates- ATT&CK for mac/Linux
MITRE ATT&CK
Knowledge for the masses: Storytelling with ATT&CK
Knowledge for the masses: Storytelling with ATT&CK
MITRE ATT&CK
The ATT&CK Philharmonic
The ATT&CK Philharmonic
MITRE ATT&CK
Automating the mundanity of technique IDs with ATT&CK Detections Collector
Automating the mundanity of technique IDs with ATT&CK Detections Collector
MITRE ATT&CK
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CK
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CK
MITRE ATT&CK
Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...
Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...
MITRE ATT&CK
Landing on Jupyter: The transformative power of data-driven storytelling for ...
Landing on Jupyter: The transformative power of data-driven storytelling for ...
MITRE ATT&CK
Threat Modelling - It's not just for developers
Threat Modelling - It's not just for developers
MITRE ATT&CK
ATT&CK Metaverse - Exploring the Limitations of Applying ATT&CK
ATT&CK Metaverse - Exploring the Limitations of Applying ATT&CK
MITRE ATT&CK
ATT&CKcon Intro
ATT&CKcon Intro
MITRE ATT&CK
Intelligence Failures of Lincolns Top Spies: What CTI Analysts Can Learn Fro...
Intelligence Failures of Lincolns Top Spies: What CTI Analysts Can Learn Fro...
MITRE ATT&CK
ATT&CKING Containers in The Cloud
ATT&CKING Containers in The Cloud
MITRE ATT&CK
ATT&CK Updates- ATT&CK for ICS
ATT&CK Updates- ATT&CK for ICS
MITRE ATT&CK
Automation: The Wonderful Wizard of CTI (or is it?)
Automation: The Wonderful Wizard of CTI (or is it?)
MITRE ATT&CK
MITRE ATT&CKcon 2.0: ATT&CK Coverage Assessment from a Data Perspective; Olaf...
MITRE ATT&CKcon 2.0: ATT&CK Coverage Assessment from a Data Perspective; Olaf...
MITRE - ATT&CKcon
ATTACKers Think in Graphs: Building Graphs for Threat Intelligence
ATTACKers Think in Graphs: Building Graphs for Threat Intelligence
MITRE - ATT&CKcon
When Insiders ATT&CK!
When Insiders ATT&CK!
MITRE ATT&CK
What's hot
(20)
The ATT&CK Latin American APT Playbook
The ATT&CK Latin American APT Playbook
Projects to Impact- Operationalizing Work from the Center
Projects to Impact- Operationalizing Work from the Center
ATT&CK Updates- ATT&CK's Open Source
ATT&CK Updates- ATT&CK's Open Source
ATT&CK Updates- ATT&CK for mac/Linux
ATT&CK Updates- ATT&CK for mac/Linux
Knowledge for the masses: Storytelling with ATT&CK
Knowledge for the masses: Storytelling with ATT&CK
The ATT&CK Philharmonic
The ATT&CK Philharmonic
Automating the mundanity of technique IDs with ATT&CK Detections Collector
Automating the mundanity of technique IDs with ATT&CK Detections Collector
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CK
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CK
Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...
Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...
Landing on Jupyter: The transformative power of data-driven storytelling for ...
Landing on Jupyter: The transformative power of data-driven storytelling for ...
Threat Modelling - It's not just for developers
Threat Modelling - It's not just for developers
ATT&CK Metaverse - Exploring the Limitations of Applying ATT&CK
ATT&CK Metaverse - Exploring the Limitations of Applying ATT&CK
ATT&CKcon Intro
ATT&CKcon Intro
Intelligence Failures of Lincolns Top Spies: What CTI Analysts Can Learn Fro...
Intelligence Failures of Lincolns Top Spies: What CTI Analysts Can Learn Fro...
ATT&CKING Containers in The Cloud
ATT&CKING Containers in The Cloud
ATT&CK Updates- ATT&CK for ICS
ATT&CK Updates- ATT&CK for ICS
Automation: The Wonderful Wizard of CTI (or is it?)
Automation: The Wonderful Wizard of CTI (or is it?)
MITRE ATT&CKcon 2.0: ATT&CK Coverage Assessment from a Data Perspective; Olaf...
MITRE ATT&CKcon 2.0: ATT&CK Coverage Assessment from a Data Perspective; Olaf...
ATTACKers Think in Graphs: Building Graphs for Threat Intelligence
ATTACKers Think in Graphs: Building Graphs for Threat Intelligence
When Insiders ATT&CK!
When Insiders ATT&CK!
Similar to ATT&CK Updates- Defensive ATT&CK
DevTalks 2021 Cloud Engineering @Crowdstrike
DevTalks 2021 Cloud Engineering @Crowdstrike
Cosmin Bratu
Putting the PRE into ATTACK
Putting the PRE into ATTACK
MITRE - ATT&CKcon
Rombit LSEC IoTSecurity IoTSBOM CyberSec Europe 2022
Rombit LSEC IoTSecurity IoTSBOM CyberSec Europe 2022
Ulrich Seldeslachts
Managing Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust Principles
ControlCase
MITRE ATT&CKcon 2.0: State of the ATT&CK; Blake Strom, MITRE
MITRE ATT&CKcon 2.0: State of the ATT&CK; Blake Strom, MITRE
MITRE - ATT&CKcon
Becoming a Yogi on Mac ATT&CKwith OceanLotus Postures
Becoming a Yogi on Mac ATT&CKwith OceanLotus Postures
Adam Pennington
Log Analytics for Distributed Microservices
Log Analytics for Distributed Microservices
Kai Wähner
Autonomous Database Security Features
Autonomous Database Security Features
SinanPetrusToma
How can a successful SOC2-compliant ISMS be built without power, money and a...
How can a successful SOC2-compliant ISMS be built without power, money and a...
Vsevolod Shabad
Optimizing and Troubleshooting Digital Experience for a Hybrid Workforce
Optimizing and Troubleshooting Digital Experience for a Hybrid Workforce
ThousandEyes
EMEA Optimizing and Troubleshooting Digital Experience for a Hybrid Workforce
EMEA Optimizing and Troubleshooting Digital Experience for a Hybrid Workforce
ThousandEyes
The Hacking Games - Security vs Productivity and Operational Efficiency 20230119
The Hacking Games - Security vs Productivity and Operational Efficiency 20230119
lior mazor
EIC 2022 - Elimity - Trimming down user access governance to its essentials
EIC 2022 - Elimity - Trimming down user access governance to its essentials
Maarten Decat
Microsoft-Entra-Identity-and-Access-presentation.pdf
Microsoft-Entra-Identity-and-Access-presentation.pdf
JohnDoe583546
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...
SolarWinds
Big Data Security: Facing the challenge
Big Data Security: Facing the challenge
Stratio
Optimizing and Troubleshooting Digital Experience for a Hybrid Workforce
Optimizing and Troubleshooting Digital Experience for a Hybrid Workforce
ThousandEyes
4 Cyber Security KPIs
4 Cyber Security KPIs
Steven Aiello
What the Hackers Do to Steal the Data?
What the Hackers Do to Steal the Data?
Digit Oktavianto
Check Point and Cisco: Securing the Private Cloud
Check Point and Cisco: Securing the Private Cloud
Check Point Software Technologies
Similar to ATT&CK Updates- Defensive ATT&CK
(20)
DevTalks 2021 Cloud Engineering @Crowdstrike
DevTalks 2021 Cloud Engineering @Crowdstrike
Putting the PRE into ATTACK
Putting the PRE into ATTACK
Rombit LSEC IoTSecurity IoTSBOM CyberSec Europe 2022
Rombit LSEC IoTSecurity IoTSBOM CyberSec Europe 2022
Managing Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust Principles
MITRE ATT&CKcon 2.0: State of the ATT&CK; Blake Strom, MITRE
MITRE ATT&CKcon 2.0: State of the ATT&CK; Blake Strom, MITRE
Becoming a Yogi on Mac ATT&CKwith OceanLotus Postures
Becoming a Yogi on Mac ATT&CKwith OceanLotus Postures
Log Analytics for Distributed Microservices
Log Analytics for Distributed Microservices
Autonomous Database Security Features
Autonomous Database Security Features
How can a successful SOC2-compliant ISMS be built without power, money and a...
How can a successful SOC2-compliant ISMS be built without power, money and a...
Optimizing and Troubleshooting Digital Experience for a Hybrid Workforce
Optimizing and Troubleshooting Digital Experience for a Hybrid Workforce
EMEA Optimizing and Troubleshooting Digital Experience for a Hybrid Workforce
EMEA Optimizing and Troubleshooting Digital Experience for a Hybrid Workforce
The Hacking Games - Security vs Productivity and Operational Efficiency 20230119
The Hacking Games - Security vs Productivity and Operational Efficiency 20230119
EIC 2022 - Elimity - Trimming down user access governance to its essentials
EIC 2022 - Elimity - Trimming down user access governance to its essentials
Microsoft-Entra-Identity-and-Access-presentation.pdf
Microsoft-Entra-Identity-and-Access-presentation.pdf
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...
Big Data Security: Facing the challenge
Big Data Security: Facing the challenge
Optimizing and Troubleshooting Digital Experience for a Hybrid Workforce
Optimizing and Troubleshooting Digital Experience for a Hybrid Workforce
4 Cyber Security KPIs
4 Cyber Security KPIs
What the Hackers Do to Steal the Data?
What the Hackers Do to Steal the Data?
Check Point and Cisco: Securing the Private Cloud
Check Point and Cisco: Securing the Private Cloud
More from MITRE ATT&CK
Dealing With ATT&CK's Different Levels Of Detail
Dealing With ATT&CK's Different Levels Of Detail
MITRE ATT&CK
Automating testing by implementing ATT&CK using the Blackboard Architecture
Automating testing by implementing ATT&CK using the Blackboard Architecture
MITRE ATT&CK
I can haz cake: Benefits of working with MITRE on ATT&CK
I can haz cake: Benefits of working with MITRE on ATT&CK
MITRE ATT&CK
CISA usage of ATT&CK in Cybersecurity Advisories
CISA usage of ATT&CK in Cybersecurity Advisories
MITRE ATT&CK
ATT&CK’s Adoption in CTI: A Great Success (with Room to Grow!)
ATT&CK’s Adoption in CTI: A Great Success (with Room to Grow!)
MITRE ATT&CK
Civil Society, Pegasus, and Predator: What Sophisticated Spyware Means For Us...
Civil Society, Pegasus, and Predator: What Sophisticated Spyware Means For Us...
MITRE ATT&CK
Evaluating and Enhancing Security Maturity through MITRE ATT&CK Mapping
Evaluating and Enhancing Security Maturity through MITRE ATT&CK Mapping
MITRE ATT&CK
MITRE ATT&CK Updates: State of the ATT&CK (ATT&CKcon 4.0 Edition)
MITRE ATT&CK Updates: State of the ATT&CK (ATT&CKcon 4.0 Edition)
MITRE ATT&CK
MITRE ATT&CK based Threat Analysis for Electronic Flight Bag
MITRE ATT&CK based Threat Analysis for Electronic Flight Bag
MITRE ATT&CK
Tidying up your Nest: Validating ATT&CK Technique Coverage using EDR Telemetry
Tidying up your Nest: Validating ATT&CK Technique Coverage using EDR Telemetry
MITRE ATT&CK
Exploring the Labyrinth: Deep dive into the Lazarus Group's foray into macOS
Exploring the Labyrinth: Deep dive into the Lazarus Group's foray into macOS
MITRE ATT&CK
MITRE ATT&CK Updates: State of the Cloud
MITRE ATT&CK Updates: State of the Cloud
MITRE ATT&CK
Using ATT&CK to created wicked actors in real data
Using ATT&CK to created wicked actors in real data
MITRE ATT&CK
MITRE ATT&CK Updates: New Ideas in Enterprise - Pushing the boundaries of ATT...
MITRE ATT&CK Updates: New Ideas in Enterprise - Pushing the boundaries of ATT...
MITRE ATT&CK
Detection as Code, Automation, and Testing: The Key to Unlocking the Power of...
Detection as Code, Automation, and Testing: The Key to Unlocking the Power of...
MITRE ATT&CK
Navigating the Attention Economy – Using MITRE ATT&CK to Communicate to Stake...
Navigating the Attention Economy – Using MITRE ATT&CK to Communicate to Stake...
MITRE ATT&CK
ATT&CK is the Best Defense - Emulating Sophisticated Adversary Malware to Bol...
ATT&CK is the Best Defense - Emulating Sophisticated Adversary Malware to Bol...
MITRE ATT&CK
Driving Intelligence with MITRE ATT&CK: Leveraging Limited Resources to Build...
Driving Intelligence with MITRE ATT&CK: Leveraging Limited Resources to Build...
MITRE ATT&CK
MITRE ATT&CK Updates: ICS
MITRE ATT&CK Updates: ICS
MITRE ATT&CK
The case for quishing
The case for quishing
MITRE ATT&CK
More from MITRE ATT&CK
(20)
Dealing With ATT&CK's Different Levels Of Detail
Dealing With ATT&CK's Different Levels Of Detail
Automating testing by implementing ATT&CK using the Blackboard Architecture
Automating testing by implementing ATT&CK using the Blackboard Architecture
I can haz cake: Benefits of working with MITRE on ATT&CK
I can haz cake: Benefits of working with MITRE on ATT&CK
CISA usage of ATT&CK in Cybersecurity Advisories
CISA usage of ATT&CK in Cybersecurity Advisories
ATT&CK’s Adoption in CTI: A Great Success (with Room to Grow!)
ATT&CK’s Adoption in CTI: A Great Success (with Room to Grow!)
Civil Society, Pegasus, and Predator: What Sophisticated Spyware Means For Us...
Civil Society, Pegasus, and Predator: What Sophisticated Spyware Means For Us...
Evaluating and Enhancing Security Maturity through MITRE ATT&CK Mapping
Evaluating and Enhancing Security Maturity through MITRE ATT&CK Mapping
MITRE ATT&CK Updates: State of the ATT&CK (ATT&CKcon 4.0 Edition)
MITRE ATT&CK Updates: State of the ATT&CK (ATT&CKcon 4.0 Edition)
MITRE ATT&CK based Threat Analysis for Electronic Flight Bag
MITRE ATT&CK based Threat Analysis for Electronic Flight Bag
Tidying up your Nest: Validating ATT&CK Technique Coverage using EDR Telemetry
Tidying up your Nest: Validating ATT&CK Technique Coverage using EDR Telemetry
Exploring the Labyrinth: Deep dive into the Lazarus Group's foray into macOS
Exploring the Labyrinth: Deep dive into the Lazarus Group's foray into macOS
MITRE ATT&CK Updates: State of the Cloud
MITRE ATT&CK Updates: State of the Cloud
Using ATT&CK to created wicked actors in real data
Using ATT&CK to created wicked actors in real data
MITRE ATT&CK Updates: New Ideas in Enterprise - Pushing the boundaries of ATT...
MITRE ATT&CK Updates: New Ideas in Enterprise - Pushing the boundaries of ATT...
Detection as Code, Automation, and Testing: The Key to Unlocking the Power of...
Detection as Code, Automation, and Testing: The Key to Unlocking the Power of...
Navigating the Attention Economy – Using MITRE ATT&CK to Communicate to Stake...
Navigating the Attention Economy – Using MITRE ATT&CK to Communicate to Stake...
ATT&CK is the Best Defense - Emulating Sophisticated Adversary Malware to Bol...
ATT&CK is the Best Defense - Emulating Sophisticated Adversary Malware to Bol...
Driving Intelligence with MITRE ATT&CK: Leveraging Limited Resources to Build...
Driving Intelligence with MITRE ATT&CK: Leveraging Limited Resources to Build...
MITRE ATT&CK Updates: ICS
MITRE ATT&CK Updates: ICS
The case for quishing
The case for quishing
Recently uploaded
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
Florian Wilhelm
Training state-of-the-art general text embedding
Training state-of-the-art general text embedding
Zilliz
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
Fwdays
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
Scott Keck-Warren
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
charlottematthew16
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
Slibray Presentation
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
NavinnSomaal
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Safe Software
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
Enterprise Knowledge
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
Ridwan Fadjar
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
Commit University
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
Rizwan Syed
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
Mattias Andersson
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Patryk Bandurski
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
charlottematthew16
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
Fwdays
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
Fwdays
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
null - The Open Security Community
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
The Digital Insurer
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
Padma Pradeep
Recently uploaded
(20)
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
Training state-of-the-art general text embedding
Training state-of-the-art general text embedding
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
ATT&CK Updates- Defensive ATT&CK
1.
Defensive ATT&CK Updates Lex
Crumpton ATT&CK Defensive Lead @LexOnTheHunt ©2022 The MITRE Corporation. ALL RIGHTS RESERVED. Approved for public release. Distribution unlimited 22-00706-26
2.
Who am I •
Lead Cybersecurity Engineer • Former Exploitation Developer…turned blue...never looked back • Manage some things: • Digital Forensics Teams • Threat Hunting Teams • Detection Teams • My Canine Child • My Chaotic Workaholic Lifestyle J ©2022 The MITRE Corporation. ALL RIGHTS RESERVED. Approved for public release. Distribution unlimited 22-00706-26
3.
What is Defensive ATT&CK? •
Mitigations • Data Sources:Components • Detections • Cyber Analytic Repository (CAR) ©2022 The MITRE Corporation. ALL RIGHTS RESERVED. Approved for public release. Distribution unlimited 22-00706-26
4.
2021 ©2022 The MITRE
Corporation. ALL RIGHTS RESERVED. Approved for public release. Distribution unlimited 22-00706-26 ID Data Source Data Component Detections DS0017 Command Command Execution Monitor executed commands and arguments that may attempt to access credential material stored in the process memory of the Local Security Authority Subsystem Service (LSASS). Such as procdump -ma lsass.exe lsass_dump DS0009 Process OS API Execution Monitor for API calls that may attempt to access credential material stored in the process memory of the Local Security Authority Subsystem Service (LSASS). Process Access Monitor for unexpected processes interacting with LSASS.exe. Common credential dumpers such as Mimikatz access LSASS.exe by opening the process, location the LSA secrets key, and decrypting the sections in memory where credential details are stored. Credential dumpers may also use methods for reflective Process Injection to reduce potential indicators of compromise activity. Process Creation Monitor newly executed processes that may be indicative of credential dumping, such as procdump.
5.
2022 ©2022 The MITRE
Corporation. ALL RIGHTS RESERVED. Approved for public release. Distribution unlimited 22-00706-26 COMING SOON
6.
Cyber Analytic Repository ©2022
The MITRE Corporation. ALL RIGHTS RESERVED. Approved for public release. Distribution unlimited 22-00706-26 2022
7.
Cyber Analytic Repository ©2022
The MITRE Corporation. ALL RIGHTS RESERVED. Approved for public release. Distribution unlimited 22-00706-26 2022
8.
Looking towards the
future… Detections 2022 ©2022 The MITRE Corporation. ALL RIGHTS RESERVED. Approved for public release. Distribution unlimited 22-00706-26 Cyber Analytic Repository
9.
https://attack.mitre.org attack@mitre.org @mitreattack Lex Crumpton @LexOnTheHunt ©2022 The
MITRE Corporation. ALL RIGHTS RESERVED. Approved for public release. Distribution unlimited 22-00706-26
Download now