I came across this today. I found this useful. Thanks Chris and SANS for sharing this.
Very useful presentation. Thank you for your share.
Glad you liked it :)
At around 9:00 there is mention of a "beautiful pdf" that discusses TTPs of common threat actors, any chance we can get a link to that?
To pre-empt the comments. I am already well aware of MITRE. Just looking for commentary.
Edit:
In fact there is a whole lot of tooling mentioned in this presentation that would be really good to take a look at. Any chance we can get all external tool mentions linked out in the description?
That JPCERT tool analysis tool looks brilliant.
They removed it, but it's on archive org: web.archive.org/web/20201102195334/www.thaicert.or.th/downloads/files/A_Threat_Actor_Encyclopedia.pdf
Good insight
Thanks :)
Should've mentioned the Attack Mitre framework and long tail analysis
they do
You didn't even make it 12 minutes in huh.
Mailer attcck