Using ATT&CK to Find Cyber Threats and Bolster Cyber Defense
1:15pm - 2:00pm Wednesday, February 13
Orlando - Orange County Convention Center
Hall A | Booth 400 | Cybersecurity Theater A
The Adversarial Tactics, Techniques, & Common Knowledge (ATT&CK™) knowledgebase, developed for public use by the MITRE Corporation, provides a methodology for characterizing and describing the actions an adversary may take while operating on specific platforms, and prior to compromise, within an enterprise network. This presentation will explain the ATT&CK knowledgebase and its application, as well as describe the healthcare-led, ATT&CK-based analytic development effort.
1. Explain the ATT&CK knowledge base in detail, including ATT&CK for Enterprise, PRE-ATT&CK, and ATT&CK for Mobile. The adversary tactic categories and techniques within each tactic category will be reviewed.
2. Explain how to use ATT&CK to detect adversary behavior, improve cyber threat intelligence, conduct security gap analysis, emulate adversaries, and develop behavior detection analytics.
3. Describe the current effort developing ATT&CK-based analytics for healthcare.