Enriching MITRE ATT&CK Techniques for Better Threat Detection

Presented by

Brian Coulson, Principal Threat Research Engineer LogRhythm Labs, LogRhythm

About this talk

The MITRE ATT&CK framework has become the de-facto standard for detecting cyber adversary behavior, tactics, and techniques. But you can get lost in the noise of all the alerts. Watch this replay session from our recent RhythmWorld Security Conference to discover how to use the LogRhythm MITRE ATT&CK module to create more actionable security alerts in your environment. Brian Coulson, LogRhythm Labs’ principal threat research engineer, demonstrates how to make MITRE ATT&CK technique detections actionable related to attacks and malicious activity using the LogRhythm NextGen SIEM Platform. You’ll learn: - Threat hunting techniques using the LogRhythm WebUI - How to add lists and filters to MITRE ATT&CK techniques to target attacks and malicious activity - How to create AI Engine feedback rules to focus on attacks and malicious activity - Best practices to create AI Engine trend rules for event-driven threat hunts Watch today!

Related topics:

More from this channel

Upcoming talks (5)
On-demand talks (161)
Subscribers (62135)
LogRhythm’s award-winning NextGen SIEM Platform makes the world safer by protecting organizations, employees, and customers from the latest cyberthreats. It does this by providing a comprehensive platform with the latest security functionality, including security analytics; network detection and response (NDR); user and entity behavior analytics (UEBA); and security orchestration, automation, and response (SOAR). Learn how LogRhythm empowers companies to be security first at logrhythm.com. To learn more, please visit logrhythm.com.