The MITRE ATT&CK Framework and SOAR: Better Together

Presented by

Jon Oltsik, Enterprise Strategy Group and Karl Klaessig, ServiceNow

About this talk

Enterprises are enthusiastic about the MITRE ATT&CK Framework, a behavioral-based threat model, and how it can help enable thinking “like the enemy”—stitching together cyber-attack kill chains and visualizing adversarial tactics. However, while many security tools provide basic MITRE ATT&CK support, SOC teams still find it hard to operationalize the framework into processes for incident detection, security engineering, and threat hunting and response. Your security orchestration, automation, and response (SOAR) tools can help, but only if they’re tightly integrated.

Join our webinar on integrating the MITRE ATT&CK Framework with SOAR, as we discuss:

- The key requirements you will need for this integration
- The benefits you can gain by including MITRE ATT&CK data in incidents/observables
- Creating custom dashboards and runbooks
- Gaining an intuitive visualization of attack campaigns and adversarial behavior

More from this channel

Transform your security operations the same way you are transforming your business with automation, AI, context, and collaboration between security, IT, and risk teams. You can identify, prioritize, and respond with agility to evolving cyber threats. We can also help you get proactive to improve your security by systematically hardening and reducing your digital attack surface and optimizing and orchestrating your security operations.