MITRE ATT&CK Defender™ (MAD) ATT&CK® SOC Assessments Certification Training
This course prepares you for the ATT&CK® Security Operations Center Certification. In this course, students should gain a better understanding of how modern security operations can align with ATT&CK® and how to improve their operations to leverage a threat-informed defense.
The MITRE ATT&CK® framework has helped people across the security community adopt a threat-informed mindset and better align what they’re doing towards understanding and defending against real-world adversaries. But for organizations just getting started, it’s not always clear how to adopt it – sure, the concepts make sense, but how do you actually implement ATT&CK®? For many, the answer lies in understanding where they currently stand: without knowing how your current defenses map to ATT&CK®, it’s hard to see where you should improve.
This course is designed to help address this problem by teaching students how to leverage ATT&CK® to conduct Security Operations Center (SOC) assessments. These assessments are designed to be rapid, low overhead, and broad enough to help the SOC get on its feet with ATT&CK®. Specific subjects we’ll cover include how to analyze SOC technologies like tools and data sources, how to interview and discuss ATT&CK® with SOC personnel, and how to recommend changes based on assessment results.
Anyone involved in or consulting with the day-to-day operations of a security operations center looking to adopt ATT&CK®.
- An understanding of the ATT&CK® framework through the MITRE ATT&CK Defender™ (MAD) ATT&CK® Fundamentals Badge course
- An understanding of information security and technology, and security operations
By the end of this course, students should be able to:
- Understand how SOC technologies map to ATT&CK® at a high level
- Walk through an ATT&CK®-based SOC assessment
- Interview and discuss ATT&CK® with SOC personnel
- Effectively communicate findings with ATT&CK®
- Propose enhancements to better align operations with ATT&CK®
Note: Per our partnership agreement with MITRE Engenuity, MITRE will have access to learner usage data.
Complete this entire course to earn a MITRE ATT&CK Defender™ (MAD) ATT&CK® SOC Assessments Certification Training Certificate of Completion