Threat Detection and Hunting for Common MITRE ATT&CK Techniques
HTML-код
- Опубликовано: 19 июл 2024
- In this webinar, LogRhythm threat detection research engineers join Ultimate Security Windows Host Randy Franklin Smith to zero in on the new standard to assess the effectiveness of your security monitoring and alerting capabilities - the MITRE ATT&CK framework.
The presenters will explore the most common techniques from the MITRE ATT&CK framework, demonstrate how attackers use them, and show you how you can use them to detect and respond to threats across the entire threat lifecycle. The five techniques that will be covered include:
1. Connection Proxy
2. Exfiltration Over Alternative Protocol
3. Masquerading
4. Drive-by Compromise
5. Service Execution - Наука
Great explanation, great video, appreciated thank you.
(16:22)-Resources. Python Attack Client and Stix2 Library
(34:17)-Masquerading Demo
(1:12:27)-Registry Key/Startup and Schedule Tasks
Can you please provide the link to the first LogRhythm MITRE ATT&CK recording that you spoke of at the beginning. Thank you.
That audio though 🤕
@7:30
Ok
+