Ep. 7: MITRE ATT&CK framework featuring Adam Pennington, MITRE ATT&CK Lead

The MITRE ATT&CK framework provides a standardized taxonomy and knowledge base of adversary tactics, techniques, and procedures (TTPs), enabling organizations to enhance threat detection, response, and mitigation strategies effectively. In this episode, Adam Pennington tells us about the origins of the ATT&CK project, how organizations can effectively leverage it, and the journey that led Adam to his current role as the project's leader.     Resources:  Mitre ATT&CK website: https://attack.mitre.org/ .conf24 agenda: https://conf.splunk.com/  ATT&CKCon Presentations: https://attack.mitre.org/resources/learn-more-about-attack/ ATT&CK Evaluations Program: https://mitre-engenuity.org/cybersecurity/attack-evaluations/ Adam's BSides Talk (Bringing Intelligence into Cyber Deception with MITRE ATT&CK): https://www.youtube.com/watch?v=eL4iLUw1ee8 Adam's DEF CON Talk (Emulating Adversary w Imperfect Intelligence): https://www.youtube.com/watch?v=cXlWY3OnjO0 David Bianco's Pyramid of Pain: https://www.youtube.com/watch?v=3Xrl6ICxKxI  Dr. Fetterman’s blog: https://www.splunk.com/en_us/blog/security/revisiting-the-big-picture-macro-level-att-ck-updates-for-2023.html

Om Podcasten

The Security Detail is a podcast series by SURGe, Splunk’s strategic security research team. Every other week, co-hosts Audra Streetman and Kirsty Paine interview security experts about the top cyber threats in different industries. Episodes will examine the cyber threat landscape in healthcare, education, manufacturing, the technology sector, retail and hospitality, telecommunications, and the public sector.