The MITRE ATT&CK Framework and SOAR: Better Together

Presented by

Jon Oltsik, Enterprise Strategy Group and Karl Klaessig, ServiceNow

About this talk

Enterprises are enthusiastic about the MITRE ATT&CK Framework, a behavioral-based threat model, and how it can help enable thinking “like the enemy”—stitching together cyber-attack kill chains and visualizing adversarial tactics. However, while many security tools provide basic MITRE ATT&CK support, SOC teams still find it hard to operationalize the framework into processes for incident detection, security engineering, and threat hunting and response. Your security orchestration, automation, and response (SOAR) tools can help, but only if they’re tightly integrated.

Join our webinar on integrating the MITRE ATT&CK Framework with SOAR, as we discuss:

- The key requirements you will need for this integration
- The benefits you can gain by including MITRE ATT&CK data into incidents/observables
- Creating custom dashboards and runbooks
- Gaining an intuitive visualization of attack campaigns and adversarial behavior

ServiceNow provides security incident and vulnerability prioritization and a response engine built on the Now Platform. Purpose-built to enable security and IT teams to respond faster and more efficiently to incidents and vulnerabilities, ServiceNow leverages intelligent workflows, automation, and a deep connection with IT to streamline security and vulnerability response. You can dramatically scale your teams’ capacity and accelerate incident and vulnerability response with Security Operations’ automated workflows and collaborative data platform, enabling you to stay ahead of today’s persistent threats and vulnerabilities.