The MITRE ATT&CK framework is a 'checklist' of threat tactics and techniques used by cyber adversaries. Using this framework, organisations can see where they are vulnerable and identify potential gaps open to exploitation. As a vendor-agnostic tool, it is widely used and supported by security professionals worldwide. With New Zealand experiencing a recent surge in malicious activity, Hamish talks about how we can use this framework to better defend against the ever-growing threat of cyber attacks.
- State of CTI in NZ (nascent) (vendor led)
- What ATT&CK is
- What ATT&CK isn’t (or shouldn’t be used for)
- Common pitfalls
- Mitigating against all the things
- Car Crash analogy
- How to operationalize ATT&CK data for common use cases
- TTP coverage mapping Product Evaluations (Presales)
- Threat Actor mapping
- Report Writing (Blue + Red) “Adversary emulation” + Purple Teaming
- “Advanced” use cases