Assessment and Engineering

Time
1 hour
Difficulty
Beginner
CEU/CPE
2
Video Transcription
00:00
Welcome to Module 3, Lesson 4: Assessment and Engineering.
00:08
In this lesson, we will explore how we can capture the results of threat emulation and other outputs to identify gaps in our defenses.
00:16
We also build an appreciation of how measuring our defenses leads to making informed improvements.
00:25
The goal of this lesson is improvement,
00:28
and we can use ATT&CK to measure and track progress
00:31
as we assess coverage,
00:33
prioritize gaps
00:34
and tune our defenses.
00:39
To highlight an example of this,
00:40
let's look back at our analytic from Lesson 2.
00:43
As you recall, this analytic is targeting identifying adversaries dumping credentials
00:48
via LSASS memory.
00:52
We can have a red team emulate threat
00:54
to see how this analytic compares to adversary behaviors.
00:59
And in this case,
01:00
let's say the analytic got three procedures executed by the red team.
01:03
but missed two.
01:08
We now have a more informed understanding of how our defenses fare against real adversary behaviors,
01:15
and in this case, it's just the LSASS memory sub-technique.
01:19
But we have to remember
01:22
this is just a single sub-technique
01:23
within a single technique
01:25
within a single tactic.
01:30
Expanding this out to the full matrix,
01:33
we can see we have a lot of work to do.
01:42
But we can use inputs from our leadership, as well as key stakeholders, to identify what techniques are most critical to address and translate that to adversary behaviors.
01:55
We can also use similar input
01:57
to determine what risk we must tolerate based on operational shortcomings and defensive limitations.
02:06
At the end of the day,
02:07
we can repeat this process
02:08
for each technique and sub-technique that we're interested in
02:12
to get a full view
02:14
of where we stand and where we need to be.
02:21
As you can see, this threat-driven engineering process is one piece or informed decision at a time.
02:30
It's a cumulative process that never stops
02:31
as our threats will continue to tell us
02:34
where we stand and where we need to be in the future.
02:40
And with that, we reach our knowledge check for Lesson 4:
02:45
Which of the following best completes the following sentence?
02:47
Please pause the video and take a second to select the correct answer
02:52
before proceeding.
02:59
In this case, the correct answer is B:
03:00
Knowledge about our adversaries' behaviors can inform us of prioritized and relevant opportunities for defensive improvements.
03:13
And with that,
03:14
we reached the end of Lesson 4.
03:15
In summary,
03:16
we can use our threat-focused knowledge and operations to measure our defensive posture,
03:23
and these constant measurements can identify where and how we need to make improvements.