Modern cloud threats with complex, multi-stage kill chains cannot be mitigated simply by compliance and configuration checks. The MITRE ATT&CK framework for Cloud provides a structure for security teams to reason about attacker tactics in their cloud. The newly announced MITRE D3FEND framework provides a standard vocabulary for countermeasures against attackers.
In this live session, we will provide an overview of D3FEND and how it maps to cloud security. We discuss the countermeasures security teams should consider that are specific to cloud attack tactics. We also discuss how ATT&CK maps to the technical root causes of breach that have impacted over 9,000 reported breaches to date.
Security experts and cloud DevOps/DevSecOps attendees will learn about:
- MITRE ATT&CK and differences between Cloud and On-premises
- How MITRE ATT&CK maps to the technical root causes of breaches
- MITRE D3FEND and how to apply and extend it for your cloud
- How to prioritize and deploy countermeasures based on D3FEND
Hear from Dr. Neil Daswani (former CISO of LifeLock and co-author of Big Breaches and Foundations of Security) and Dr. Saumitra Das (founder and inventor in AI security) about these frameworks and countermeasures and reason about where to direct your efforts to minimize risk.