Exercise 3: Comparing Layers in ATT&CK® Navigator
Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Already have an account? Sign In »
Time
2 hours 24 minutes
Difficulty
Intermediate
CEU/CPE
3
Video Transcription
00:00
>> In the last few slides,
00:00
you learned how to create and combine
00:00
different navigator layers.
00:00
Now, you'll get the chance to
00:00
apply what you learned and try on your own.
00:00
Let's go ahead and get started.
00:00
Our objectives for this Lesson 3.4,
00:00
or to gain hands-on practice with
00:00
defining and comparing layers in
00:00
the ATT&CK Navigator tool and to review
00:00
the overlapping techniques and
00:00
sub-techniques between the two different groups.
00:00
Before you begin, please refer to
00:00
the resources section for this exercise.
00:00
Once you're ready, you can get started by
00:00
navigating to the following link on step Number 1.
00:00
When you're there, you can select the techniques for
00:00
APT39 and APT32 into separate navigator layers.
00:00
Once you have their independent layers,
00:00
combine them like I showed you before,
00:00
into a third new layer
00:00
and give a color and a score to them.
00:00
This will give you a list of
00:00
overlapping techniques for the two APT groups.
00:00
We suggest giving yourself
00:00
around 15 minutes to perform this exercise. Good luck.
00:00
If you perform the exercise correctly,
00:00
you should now have a single layer showcasing
00:00
the overlapping techniques between APT39 and APT32.
00:00
The overlapping techniques will be shaded in green
00:00
as indicated by the legend in the bottom right.
00:00
We can now take a look at what are some of
00:00
the overlapping techniques and
00:00
sub-techniques that you identified in this exercise.
00:00
Now, if you've finished with creating
00:00
your single overlapping layer navigator,
00:00
take a few moments to review
00:00
the techniques that we have here that were
00:00
shared between the two groups
00:00
that we just did in the exercise.
00:00
To summarize what we learned in Lesson 3.4,
00:00
we worked through the defining and comparing
00:00
layers using ATT&CK Navigator and we
00:00
reviewed the intersection overlapping techniques
00:00
for APT32 and APT39.
00:00
Next up we'll be going to Module 4,
00:00
which is making defensive recommendations
00:00
from ATT&CK maps data.
00:00
You can now proceed to that module
00:00
as this is the end of Module 3.
Up Next
Similar Content
