Putting MITRE ATT&CK™ into Action with What You Have, Where You Are presented by Katie Nickels

Views: 98,476

Sp4rkCon by Walmart


MITRE ATT&CK™ has become widely adopted in the community as a way to frame adversary behaviors and improve defenses. But how can you use it for your team with what you have, where you are? Katie Nickels will break down the ATT&CK knowledge base so you understand how you can put it into action. She will explain the philosophy and approach behind ATT&CK, then dive into how you can use it, whether you’re a one-person shop or an advanced security operations center. Katie will cover how you can use ATT&CK for detection, threat intelligence, assessments, and red teaming, with a focus on actionable takeaways to help your team move toward a threat-informed defense.
Speaker: Katie Nickels, ATT&CK Threat Intelligence Lead at The MITRE Corporation
Katie Nickels is the ATT&CK Threat Intelligence Lead at The MITRE Corporation, where she focuses on applying cyber threat intelligence to ATT&CK and sharing why that’s useful. She has worked in Security Operations Centers and cyber threat intelligence for nearly a decade, hailing from a liberal arts background with degrees from Smith College and Georgetown University. With more than a dozen publications to her name, Katie has shared her expertise with presentations at BSides LV, the FIRST CTI Symposium, multiple SANS Summits, and other events. She is also a SANS instructor for FOR578: Cyber Threat Intelligence and was a member of the 2019 SANS CTI Summit Advisory Board. Katie was the 2018 recipient of the President's Award from the Women's Society of Cyberjutsu and serves as the Program Manager for the Cyberjutsu Girls Academy.
Follow on Twitter @likethecoins

Comments: 34
@kerriemorin3235 1 year ago
Thanks for making this content extremely digestible regardless of individual defender's knowledge and experience level...without the ego typically observed in those with your obvious skillset. "I found nine." "Cool." 🤩
@dancostan 3 years ago
Outstanding presentation! You're really good at this! I took extended notes on it! Congratulations!
@TheSocratesian 4 years ago
Katie ROCKS!
@SahilKumar-uu2sy 1 year ago
Awesome delivery of the contents :) Love to repeat
@aataurrehman 2 years ago
Superb Presentation!
@danusminimus9557 4 years ago
Thanks Katie!
@cybersai3509 3 years ago
I am learning a lot of things from Katie... thanks 👍
@dereklewinson3018 2 years ago
Informative presentation, thank you!
@AlicyaSimmons 2 years ago
Thanks!!!
@fantoosh151 3 years ago
Very informative, thanks!
@DennisHunter 1 year ago
Thanks for this
@ThomasKnowlesIsGreat 5 years ago
That was really enlightening and highlighted some areas I never thought of. Good video
@kriegeadler 11 months ago
Thank you very much!
@rachaelgachigua3224 3 years ago
Thank you for this! What are the various job titles in a threat hunting team?
@princesamuel5579 2 years ago
Lots of great content being shared. Thanks
@mohammedqaisar7127 4 years ago
Very useful... thanks
@kareemh91 4 years ago
How can we get this PowerPoint file? Very helpful video.
@crash4o4 1 year ago
Any chance those slides are available to download? Thanks for the video either way 😊
@Rob-iy2rt 1 year ago
We need to get more people in general into cyber and STEM. No need to just focus on one group.
@keithcrowder9541 10 months ago
The $whoami had me hooked. She lives in the command line. Haha
@d.lindstrom7130 2 years ago
How will we know this won't be used as weapons and force again?
@stuku1996 3 years ago
Talk starts 1:10
@MrEmityushkin 2 years ago
+
@dog-sitive 4 months ago
I just do not understand why she talks so fast and uncomfortably... I'm pretty sure everybody who watched her presentation on YouTube has paused many times; now think about the people sitting there... They saw a presentation with more than a page of stuff on one page while she is talking like somebody put her on the 3X fast option. So, in short, people just get 60 percent of what she said...
@halfbakedproductions7887 2 years ago
I just think the whole ATT&CK thing is a waste of time. It is never clearly explained, it adds extra administrative overhead to categorise everything... and why are you even doing that? There just doesn't seem to be any real need - you waste time ensuring everything is mapped to umpteen clumsily-named categories when you can just spend the same time actually fixing it? Nobody has ever been able to sell ATT&CK to me. I have worked at some utterly enormous organisations you have definitely heard of and never actually seen it being used in the wild. Like many other things in InfoSec it appears to be an exercise in making yourself look important while doing absolutely nothing.
@UberYunSpicyEggroll 2 years ago
Dang dude, no chill. Food for thought though. I wonder how much it costs to use ATT&CK.
@vasanthkumarvkr 1 year ago
Finally and glad someone said this. This is of no to very little "practical" use. Knowing "every" single attack technique and strengthening your defenses and detection mechanisms across all layers, for "each" of it will take years. And it will still be a moving target. This is yet another buzzword & hype, which is blindly amplified by many. Worst or the funny thing is the video title says Putting MITRE ATT&CK™ into "ACTION" but she is simply reading the slides.. lol
@DennisHunter 1 year ago
Reading the slides is IMPORTANT because the IMPORTANT stuff should be ON the slides, if the slides are done well.
@Rob-iy2rt 1 year ago
I think it is mainly useful in an educational setting, like for people who are studying for CompTIA certs.
@kishanrathod4235 2 years ago
A lot of unnecessary details about herself and very vague reading of the PowerPoint. Total waste of time.
@levanceland 3 years ago
Dang...she's not having any kids.
@tonyduong6159 2 years ago
LMFAO