How To Increase MITRE ATT&CK Coverage with Network Traffic Analysis

Presented by

John Smith, Principal Sales Engineer at ExtraHop; Chris Crowley, Senior Instructor at SANS

About this talk

The MITRE ATT&CK Framework is a useful tool for SecOps teams trying to understand their security posture against common adversary tactics, techniques, and procedures (TTPs). In this presentation you'll learn how to take your ATT&CK understanding and coverage to the next level with network traffic analysis. You'll also learn:

- Key tips for understanding the MITRE ATT&CK Framework and how to use it as a tool to improve your security posture.
- What the framework is optimized for, and where it has room to grow.
- Which security tools and data sources you'll need to achieve the best coverage against TTPs in all 12 categories of the MITRE ATT&CK Framework.

More from this channel

The prevention and protection model of cybersecurity isn’t working: between the cloud, IoT, and the sheer pace of change, the enterprise is no longer built to be walled in. This channel provides educational webinars to help SecOps (SOC) and NetOps (NOC) teams, from CIOs and CISOs to analysts and practitioners, change their perspective in order to identify, investigate, and respond to threats across the modern attack surface. We explore how cloud-native network detection and response (NDR) provides the complete visibility, real-time threat detection, and intelligent response you need to secure your hybrid environment. You’ll also find product information about ExtraHop Reveal(x) which enables you to: Eliminate blind spots: Cover 100% of your hybrid environment, Detect what matters: Find threats 95% faster, and Act quickly: Respond to breaches 70% faster. Learn more at www.extrahop.com