Enriching MITRE ATT&CK Techniques for Better Threat Detection

Presented by

Brian Coulson, Principal Threat Research Engineer LogRhythm Labs, LogRhythm

About this talk

The MITRE ATT&CK framework has become the de-facto standard for detecting cyber adversary behavior, tactics, and techniques. But you can get lost in the noise of all the alerts. Watch this replay session from our recent RhythmWorld Security Conference to discover how to use the LogRhythm MITRE ATT&CK module to create more actionable security alerts in your environment. Brian Coulson, LogRhythm Labs’ principal threat research engineer, demonstrates how to make MITRE ATT&CK technique detections actionable related to attacks and malicious activity using the LogRhythm NextGen SIEM Platform.

You’ll learn:

- Threat hunting techniques using the LogRhythm WebUI
- How to add lists and filters to MITRE ATT&CK techniques to target attacks and malicious activity
- How to create AI Engine feedback rules to focus on attacks and malicious activity
- Best practices to create AI Engine trend rules for event-driven threat hunts

Watch today!
More from this channel

LogRhythm helps security teams stop breaches by turning disconnected data and signals into trustworthy insights. From connecting the dots across diverse log and threat intelligence sources to using sophisticated machine learning that spots suspicious anomalies in network traffic and user behavior, LogRhythm accurately pinpoints cyberthreats and empowers professionals to respond with speed and efficiency. With cloud-native and self-hosted deployment flexibility, out-of-the-box integrations, and advisory services, LogRhythm makes it easy to realize value quickly and adapt to an ever-evolving threat landscape. Together, LogRhythm and our customers confidently monitor, detect, investigate, and respond to cyberattacks. Learn more at logrhythm.com