Explore the concept of SOC Counter ATT&CK in this 25-minute conference talk by Mathieu Saulnier at BSidesLV 2019. Delve into the fundamentals of ATT&CK, understand the Pyramid of Pain, and learn how to conduct preliminary assessments. Discover effective techniques for tracking progress, coverage, and addressing management questions. Gain insights into knowing your enemy, implementing metrics and KPIs, and utilizing Atomic Red Team. Walk away with key takeaways to enhance your organization's security operations and threat detection capabilities.
Overview
Syllabus
Intro
What is ATT&CK
Pyramid of Pain
Preliminary Assessment
Example of Questions
Track Progress & Coverage
Management Questions
Know Your Enemy
Metrics & KPI
Atomic Red Team
Key Takeaways
Taught by
BSidesLV
