As we round out the final installment of our Threat Hunting with ATT&CK webinar series, we’ll be taking an inside look at how sophisticated security teams build mature threat hunting programs.
The following article originally appeared on the Carbon Black blog. The author, Jimmy Astle, is a senior threat researcher at Carbon Black and a speaker on the upcoming webinar: Testing Visibility to Develop an Innovative Threat Hunting Program. MITRE ATT&CK is arguably one of the best assets available to security professionals who want to dive into the intricacies of detecting and …
You’ve heard the buzz around MITRE ATT&CK™ — but how do you apply this broad framework to your security program? We’re excited to kick off a three-part webinar series exploring how top security teams use ATT&CK as a roadmap to mature and expand their threat hunting programs. The first session features John Wunder, MITRE Principal Cybersecurity Engineer, alongside two long-time threat hunting gurus: Phil …
A lesson I learned early in my career is that technology professionals often inherit older problems. This is especially true of administrators responsible for network services and security because they inherit the biggest snowball of problems: an enterprise network. Networks often grow in ways that make them harder to secure and maintain as they age, and admins often implement new …
Preventing a breach is every security leader’s top priority. Stopping modern adversaries means having visibility and insight into their tactics, techniques, and behaviors. This two-part series takes readers behind the scenes of a compromised network environment in which multiple endpoints were infected with malware. Part 1 focuses on steps the malware took to establish persistence, while Part 2 will focus on …
Building and maturing a Security Operations Center (SOC) is different for every organization. In this guest post, a security engineer at an insurance company in the Midwest shares what he learned as part of a three-person security team charged with implementing a SOC. The following views are his own and not those of his organization or team. Someone once said …