An Expert's View on the MITRE ATT&CK Evaluation featuring Josh Zelonis
MITRE, the world's largest collector of real attack techniques, provides organizations with in-depth detail across 12 categories of tactics, how they're used, and how to mitigate them. Pulling from this data, the ATT&CK evaluation has quickly become the standard by which endpoint detection and response (EDR) offerings are judged through a real-world red/blue team exercise.
Join guest speaker Josh Zelonis, Senior Analyst at Forrester, and Peter Havens of Palo Alto Networks as they dive into the first-round evaluation results, which used techniques sourced from APT3, a sophisticated Chinese threat group. MITRE used APT3's playbook to test ten leading EDR vendors, covering post-exploit behavior, credential harvesting, on-keyboard commands, scripting techniques, and anti-EDR capabilities. This packed session will provide a deep dive on:
* How security emulation and testing tools were used to break into systems
* The details, with real screenshots and specific outcomes, of the tested attack techniques across different products
* Why Forrester's ranking system is becoming the standard to evaluate EDR products and how you can use it
* How to objectively choose the right EDR based on Forrester's research