MITRE ATT&CK: The Play at Home Edition
You’ve seen the tactics and techniques and read the descriptions, but how do you take the theory of MITRE ATT&CK™ and turn it into something actionable? What is possible with a framework like ATT&CK? Learn how to take ATT&CK from a predictability model to a powerful force for creating a threat-informed defense in your organization. Katie Nickels, ATT&CK Threat Intelligence Lead at The MITRE Corporation, and Ryan Kovar, Principal Security Strategist at Splunk, will walk through the story of how ATT&CK helped a fictional organization solve real-world inspired problems, as well as the struggles they faced along the way and how they overcame them.
Nicholas Hayden, Senior Director of Threat Intelligence at Anomali, discusses how security teams can operationalize ATT&CK and improve how ATT&CK works in the context of threat intelligence for tracking and protecting against risks. By collecting statistical data on tactics, techniques, and procedures (TTPs), a predictability model, similar to the ones used for predicting power outages, can be created. This predictability model will show how, and potentially when, you’ll see attacks.