研究进攻性安全构建更好的防御体系.pdf

《研究进攻性安全构建更好的防御体系.pdf》由会员分享，可在线阅读，更多相关《研究进攻性安全构建更好的防御体系.pdf（17页珍藏版）》请在三个皮匠报告上搜索。

1、Operationalizing MITRE ATT&CKStudyingOffensive Securityto Build aBetter Defense 2024 The MITRE Corporation.This work is reproduced and distributed with the permission of The MITRE Corporation.whomaiStephen AldrichSenior Information Security SpecialistSt Charles Health SystemCISSP,CEH,OSCP,CySA+,Secu

2、rity+Lockheed Martin Cyber Kill Chain CYBER KILL CHAIN is a registered trademark of Lockheed Martin Corporationhttps:/ Biancos Pyramid of PainATT&CKhttps:/detect- is MITRE ATT&CK?https:/www.mitre.org/who-we-are/our-storyhttps:/attack.mitre.org/ATT&CK Matrixhttps:/attack.mitre.org/matrices/enterprise

3、/Tactics,Techniques&Procedureshttps:/attack.mitre.org/matrices/enterprise/https:/nsarchive.gwu.edu/sites/default/files/documents/3891751/SANS-and-Electricity-Information-Sharing-and.pdf How can we use ATT&CK?Threat IntelligenceDetection AnalysisAdversary EmulationAssessment&EngineeringThreat Intelli

4、gencehttps:/attack.mitre.org/Black Bastahttps:/attack.mitre.org/software/S1070/https:/ Analysishttps:/attack.mitre.org/software/S1070/https:/ Basta in ATT&CK Navigatorhttps:/mitre-attack.github.io/attack-navigator/#layerURL=https%3A%2F%2Fattack.mitre.org%2Fsoftware%2FS1070%2FS1070-enterprise-layer.j

5、son)Black BastatoDetection MappingAdversary EmulationCategories of Adversary Emulation Atomic Micro FullSoftware Red Canarys Atomic Red Team-https:/ Caldera Project-https:/caldera.mitre.org/Commercial ToolsIncident Response Exercises PlaybooksAssessment&EngineeringAre existing defenses effective?Wil

6、l existing defenses detect a specific adversary?Identify highest risksAre we collecting from the right data sources?Evaluation of new toolsDo we have overlapping or missing tool coverage?https:/attack.mitre.org/techniques/T1566/001/Final Th