Time
8 hours 28 minutes
Difficulty
Beginner
CEU/CPE
10

Video Transcription

00:00
Hello and congratulations on reaching the end of our application of the minor attack framework journey.
00:08
Today we're going to look at our course summary and what, you know, we should know at this point in time.
00:14
So we covered the following phases in the minor attack framework
00:19
and in order of execution, based on what an attacker would be doing, moving through initial access
00:27
all the way down to getting credentials
00:30
and then moving over into discovery
00:33
all the way through to impact. So each of these faces has multiple vectors. Some we covered, some we didn't. But you can take what we've looked at. Take what we've discussed. Review the framework in your own time in your own industry. Again, it's got more than just the enterprise area we've looked at. It's got mobile devices.
00:53
I believe they're working on I CS and a number of other things. And so using
00:57
these frameworks to map them to your specific needs will help you to reduce risk. And so the key points overall that we want to take away from this is that threat. Actors
01:10
are not always easy to spot.
01:12
It's not always going to be a tell tale sign or a dead giveaway, but you just have to look for that little bit of smoke to maybe find the fire threat. Actors aircraft e in their ability to bypass controls. You know they've got ways to bypass automated controls, and so, depending on those tools, it's not always a must
01:30
we have to have that in. And a combination of human intervention in review,
01:34
which is ultimately going to give us the best protection and that end user awareness, training and due diligence can make a difference. Map in your efforts can aid in the overall risk reduction
01:46
efforts
01:48
and the attack surface awareness that you have from that will help you to better understand where you're holes and gaps are. So using this framework, mapping out your organization's controls accordingly. Understanding your risks will overall lead to, ah, harder time for threat actors to get to your data and systems
02:04
and make you a little bit more secure and help you to sleep a little better
02:08
at the end of the day. So I thank you for being a part of this with me here. I thank you for your time, and I look forward to seeing you again soon

Application of the MITRE ATT&CK Framework

This MITRE ATT&CK training is designed to teach students how to apply the matrix to help mitigate current threats. Students will move through the 12 core areas of the framework to develop a thorough understanding of various access ATT&CK vectors.

Instructed By

Instructor Profile Image
Robert Smith
Director of Security Services at Corsica
Instructor