Date
October 20, 2022
Presenters
Sean D. Goodwin, CISA, QSA, PCIP, CISSP, CCSP, GSEC, GCIH, GCIA, GCWN, GCCC, GCUX, GCPM, GDAT, GSE
Senior Manager
Description
Location: Marriott Marquis Houston Houston, Texas
Sean will be speaking on the topic of Combining APTs, TTPs, & GRC to build realistic security programs with MITRE ATT&CKÂ at 1 PM on Thursday, October 20th.
High-Level Outline
- Introduction to MITRE ATT&CK®
- Overview Matrices •How MITRE ATT&CK® Can Be Used
- Keeping Your Threat Models Up to Date
- Cybersecurity Testing & Response Maturity
Potential demos to inject based on time
- How to find and navigate MITRE ATT&CK®
- ATT&CK Navigator
- Atomic Red Team
- Vectr
- D3FEND Matrix
- https://github.com/rabobank-cdc/DeTTECT
- https://atc-project.github.io/atc-react/
While some of the demonstrations are technical in nature, the intent of this session is to educate the GRC world about the importance of leveraging the available tools and data-sets to make risk-informed decisions. Implementing the processes discussed here allows for security and GRC staff to work together on focusing on the risks with a high likelihood, as well as communicating in a shared language.
Back to Events