Unpacking the MITRE ATT&CK Evaluation featuring Forrester

Presented by

Josh Zelonis, Peter Havens & Zeynep Ozdemir

About this talk

An Expert's View on the MITRE ATT&CK Evaluation featuring Josh Zelonis

MITRE, the world's largest collector of real attack techniques, provides organizations with in-depth detail across 12 categories of tactics, how they're used, and how to mitigate them. Pulling from this data, the ATT&CK evaluation has quickly become the standard by which endpoint detection and response (EDR) offerings are judged through a real-world red/blue team exercise.

Join guest speaker Josh Zelonis, Forrester, Senior Analyst, and Peter Havens, Palo Alto Networks, as they dive into first-round evaluation results using techniques sourced from APT3, a sophisticated Chinese threat group. MITRE used APT3's playbook to test the ten leading EDR vendors, including leveraging post-exploit behavior, credential harvesting, on-keyboard commands, scripting techniques, and anti-EDR capabilities.

This packed session will provide a deep-dive on:

* How security emulation and testing tools were used to break into systems
* The details with real screen shots and specific outcomes of tested attack techniques across different products
* Why Forrester's ranking system is becoming the standard to evaluate EDR products and how you can use it
* How to objectively choose the right EDR based on Forrester's research
Palo Alto Networks is the next-generation security company, leading a new era in cybersecurity by safely enabling applications and preventing cyber breaches for tens of thousands of organizations worldwide. Built with an innovative approach and highly differentiated cyberthreat prevention capabilities, our game-changing security platform delivers security far superior to legacy or point products, safely enables daily business operations, and protects an organization's most valuable assets. Find out more at www.paloaltonetworks.com or call us at 1-877-524-1031.