MITRE ATT&CK Con Power Hour
Starting over with sub-techniques
by Red Canary
Not interested
USING MITRE PRE-ATT&CK AND ATT&CK IN CYBERCRIME EDUCATION AND RESEARCH
Not interested
WITHOUT ATTACKING: TRANSFORMING ADVERSARY EMULATIONS INTO A DATA ANALYSIS QUESTION
https://gyazo.com/4ee7556cffe9ea54863364e5888873c2
issue: not scalable (nor was it intended to be)
A talk saying, basically, "let's start by doing mitigation first"
DETECTING ATT&CKS WITH DYNAMIC THRESHOLDS USING TUKEY’S TEST AND AZURE SENTINEL
A talk about how great Sentinel is
TA505: A STUDY OF HIGH-END BIG GAME HUNTING IN 2020
WHAT’S NEW WITH ATT&CK FOR CLOUD