Wednesday, December 9, 2015

2015-051-MITRE's ATT&CK Matrix

#MITRE has a Matrix that classifies the various ways that your network can be compromised. It shows all the post-exploitation categories from 'Persistence' to 'Privilege Escalation'. It's a nice way to organize all the information.
This week, Mr. Boettcher and I go over "#Persistence" and "#Command and #Control" sections of the Matrix.
Every person who attacks you has a specific method that they use to get and keep access to your systems, it's as unique as a fingerprint. Threat intelligence companies call it TTP (#Tactics, #Techniques, and #Procedures), we also discuss the Cyber #KillChain, and where it came from.
#ATT&CK Matrix:
Tactics, Techniques, and Procedures (shows patterns of behavior),_Techniques,_and_Procedures -- Cyber Kill Chain paper that inspired the ATT&CK Matrix
Direct Link:

TuneIn Radio App:
BrakeSec Podcast Twitter:
Join our Patreon!:
Comments, Questions, Feedback:

Here is a new episode of Brakeing Down Security!

No comments: