Free

MITRE ATT&CK Defender™ (MAD) ATT&CK® Cyber Threat Intelligence Certification Training

Analysts and researchers gain hands-on instruction directly from MITRE’s experts in this MITRE ATT&CK Defender™ (MAD) ATT&CK® Cyber Threat Intelligence Certification course. Prepare for the certification and learn how to map raw data to ATT&CK, as well as how to operationalize the intelligence through recommendations to defenders.
Time: 2 H 25 M
Difficulty: Intermediate
CEU/CPE: 3

Course Content

Storing and Analyzing ATT&CK®-Mapped Data

  • Exercise 3: Comparing Layers in ATT&CK® Navigator (2m)
  • Analyzing ATT&CK®-Mapped Data (5m)
  • Expressing and Storing ATT&CK®-Mapped Data (4m)
  • Storing and Displaying ATT&CK®-Mapped Data (3m)

Mapping to ATT&CK® from Raw Data

  • Raw Data to Narrative Reporting (9m)
  • Identify and Research Behaviors (5m)
  • The Process of Mapping from Raw Data (6m)

Mapping to ATT&CK® from Narrative Reports

  • Hedging Your Biases (11m)
  • Mapping to a Narrative Point (10m)
  • Identifying Techniques or Sub-Techniques (13m)
  • Translating the Behavior into a Tactic (11m)
  • Finding and Researching the Behavior (8m)

Making Defensive Recommendations from ATT&CK®-Mapped Data

  • Make Defensive Recommendations (13m)
  • Researching Organizational Capabilities and Constraints and Determine Trade-Offs (10m)
  • How Techniques and Sub-Techniques are Being Used (8m)
  • The Defensive Recommendations Process (5m)

Course Description

The ATT&CK® team will help you learn how to leverage ATT&CK® to improve your cyber threat intelligence (CTI) practices.

Target Audience

ATT&CK® for Cyber Threat Intelligence is an intermediate course that focuses on identifying, developing, analyzing, and applying ATT&CK®-mapped intelligence. Participants should have a solid understanding of the ATT&CK® framework. If you’re unfamiliar with ATT&CK®, we suggest that you take MITRE ATT&CK Defender™ (MAD) ATT&CK® Fundamentals prior to this course.

Prerequisites

  • An understanding of the ATT&CK® framework through the [MITRE ATT&CK Defender™ (MAD) – ATT&CK® Fundamentals course](https://www.cybrary.it/course/mitre-attack-defender-mad-attack-fundamentals/)
  • An understanding of security concepts, previous training, or prior CTI field experience

MITRE ATT&CK Cyber Threat Intelligence Certification Course Goals

By the end of this MITRE ATT&CK Cyber Threat Intelligence Certification course, students should be able to:

  • Map to ATT&CK® from both narrative reporting and raw data
  • Effectively store and display ATT&CK®-mapped data
  • Leverage ATT&CK® Navigator for analysis
  • Perform CTI analysis using ATT&CK®-mapped data
  • Provide actionable defensive recommendations based on ATT&CK®-mapped data

Note: Per our partnership agreement with MITRE Engenuity, MITRE will have access to learner usage data.

This course is part of a Career Path:

Become an Incident Handler
In this Career Path, you will learn the incident response process, from building an incident response kit and developing an incident response team, to identifying, containing, and recovering from incidents. We then steer away from a traditional “defensive-only” approach to introduce you to the attacker’s world.

Become a SOC Analyst - Level 3
This Career Path is for a Security Operations Center Analyst (SOC Analyst). This particular Career Path covers a more advanced-level SOC role. As a SOC Analyst, your primary duty is to ensure that the organization’s digital assets are secure and protected from unauthorized access. That means that you are responsible for protecting both online and on-premise infrastructures, monitoring data to identify suspicious activity, and identifying and mitigating risks before there is a breach. In the event that a breach does occur, a SOC analyst will be on the front line, working to counter the attack.

Instructed by

Instructor
Adam Pennington

Adam Pennington (@_whatshisface) leads ATT&CK® at The MITRE Corporation and collected much of the intelligence leveraged in creating ATT&CK's initial techniques.

Adam is a member of the core ATT&CK® team and the editor in chief for the ATT&CK® Blog. He has spent over a decade with MITRE studying and preaching the use of deception for intelligence gathering. Adam has presented and published at several venues, including FIRST CTI, USENIX Security, and ACM Transactions on Information and System Security.

Before joining MITRE, Adam was a researcher at Carnegie Mellon's Parallel Data Lab and earned his B.S. and M.S. degrees in computer science and electrical and computer engineering and the 2017 Alumni Service Award from Carnegie Mellon University.

Instructor
Amy L. Robertson

Amy Robertson is a Senior Cybersecurity Engineer for The MITRE Corporation with over a decade of experience mitigating national security cyber risk. Amy provides cyber threat intelligence support to a number of mission spaces, including space assets and weapons systems. Before joining MITRE, Amy led the Department of Homeland Security's NCCIC Strategic Communications team and supported international cyber collaboration and capacity-building programs across Europe and Central Asia. Amy's experience extends into the private sector, where she managed cyber risk assessments and Cyber-OSINT & SOCMINT investigations for critical infrastructure portfolios.

Ms. Robertson received a B.A. in Social Science and History from Thomas Edison State College. She graduated Magna Cum Laude from Johns Hopkins University with an M.A. in Global Security Studies.

Instructor
Jackie Lasky

She's been a member of the MITRE ATT&CK® team for three years and is currently involved in various efforts involving data analytics, machine learning, and CTI for ATT&CK®.

Jackie holds a B.S. in Computer Science from George Mason University and is currently working on her M.S. in Analytics at the Georgia Institute of Technology.

Provider: Cybrary
Certification Body: MITRE Engenuity

Certificate of Completion

Complete this entire course to earn a MITRE ATT&CK Defender™ (MAD) ATT&CK® Cyber Threat Intelligence Certification Training Certificate of Completion.