The MITRE ATT&CK evaluations test security vendors’ ability to quickly detect and stop tactics and techniques used by today’s threat actors. In this session, we're going to boil down the complexity of the MITRE ATT&CK framework so your organization can understand:
How to interpret the results across Protection, Detection and Linux.
The difference between Technique, Tactic, and Telemetry detections.
Why organizations are mapping to the MITRE ATT&CK framework and what’s next.
The 2020 Round 3 MITRE ATT&CK evaluations focused on Carbanak and FIN7, threat actor groups known to target large financial services, retail, restaurant, and hospitality institutions. As threat actors who attack banks, it’s not surprising that the evaluation tested stealthy techniques including scripting, obfuscation, “living off the land”, and new this year -- attacks across Linux systems.
The Cybereason team has participated in all three MITRE ATT&CK evaluations, and while we're proud to continue to test our prevention and detection coverage, what matters most is helping organizations defend against real-world adversaries. One of those ways is by building an Adversary Emulation Plan with 5 clear steps to implementing MITRE ATT&CK. This is a good resource that newer L1 analysts can use to learn about specific attacks and the security tools they will be working with. As a thank you for registering, we'll send you a complimentary copy after the webinar has ended.
Israel Barak, CISO, is a cyber defense and warfare expert, with extensive background working for the government where he established and operated various cyber warfare teams. As Cybereason’s CISO, Israel is at the forefront of the company’s security innovation, as well as research and analysis of current and evolving advanced threats.
Eric Sun is a Product Director at Cybereason, focused on helping security teams measure and improve their resilience against modern threats. Eric works closely with the Nocturnus research team and global SOCs to understand emerging attack campaigns and evolving best practices. He brings a layer of behavior analytics and risk management from his many years in Asia as a professional poker player.