Addressing the Benefits & Challenges of Implementing the MITRE ATT&CK Framework

Presented by

Douglas Wagner – Security Analytics Leader - N America, IBM

About this talk

Security teams frequently struggle with their security analytics (SIEM) practice, specifically with how to identify malicious behaviors beyond the vendor-provided detection content. MITRE ATT&CK's technique-level catalog of adversary behaviors provides an overarching strategy that organizations can follow when building detections. We will discuss the importance and value of the MITRE ATT&CK framework for detection processes, and some of the challenges of implementing it. Additionally, we will cover the "how" and "why" of implementing a "Model of Continuous Improvement" for threat detection within your organization. Finally, we will address the pain points (both technical and managerial) organizations face when trying to improve their security analytics practice, and how to overcome those hurdles.

The (ISC)² Security Congress channel contains digital content from activities at (ISC)²'s flagship conference event, including keynotes, sessions and related items.