The days of the IOC are over, and now defenders need to detect the behaviors of an adversary. The best way to do this is for red and blue teams to operate together as a purple team, running many shorter engagements. By leveraging threat intelligence and the common language of ATT&CK, red teams can behave like very specific adversaries while providing a breadth of technique implementations. A successful purple team occurs when red helps blue find gaps in sensing, helps create analytics, and can perform many different implementations of the same behaviors. To share this process and jumpstart others, MITRE is releasing initial ATT&CK emulation plans for APT3 and APT29, complete with the adversary's MO and a ‘cheat sheet’ of potential commands for red teams.
----
The idea behind x33fcon (pronounced /'zi:f-kɒn/) is to focus on a very specific need of the security industry: collaboration between blue and red teams (sometimes referred to as purple teaming). It is an event that brings both groups together, and everyone from both sides of the fence is invited to gather, share ideas and discuss thoughts on security.
Video: 03. x33fcon 2018 - Threat-based Purple Teaming with ATT&CK by Chris and Cody from MITRE. Uploaded by x33fcon on 12 June 2018.