The days of the IOC are over, and now defenders need to detect the behaviors of an adversary. The best way to do this is for red and blue to operate together in a purple team with many quicker engagements. By leveraging threat intelligence and the common language of ATT&CK, red teams can behave like very specific adversaries while providing a breadth of technique implementations. A successful purple team occurs when red helps blue find gaps in sensing, helps create analytics, and can perform many different implementations of the same behaviors. To share this process and jumpstart others, MITRE is releasing initial ATT&CK emulation plans for APT3 and APT29, complete with adversary MO and a ‘cheat sheet’ of potential commands for red teams.
----
The idea behind x33fcon (pronounced /'zi:f-kɒn/) is to focus on a very specific need of the security industry: collaboration between blue and red teams (sometimes referred to as purple teaming). It is an event that brings both groups together, and everyone from both sides of the fence is invited to gather, share ideas and discuss thoughts on security.
Video: 03. x33fcon 2018 - Threat-based Purple Teaming with ATT&CK by Chris and Cody from MITRE. Added by user x33fcon on 12 June 2018; 4,231 views, 70 likes.