11-11-2020 ACM Webcast: How to Cover C&C in the MITRE ATT&CK Matrix

Active Countermeasures Webcast

11-11-2020

How to Cover C&C in the MITRE ATT&CK Matrix

We all look to the MITRE ATT&CK Matrix for guidance to understand attack techniques as well as to mitigate their risks. If you want to take a strong defense-in-depth approach, you will want to ensure you have coverage of each ATT&CK framework category. Arguably, one of the most difficult columns to both test and implement is the Command and Control column.

In this ACM webcast, we’ll run down the Command and Control column to identify how we can both detect and test each described threat vector.

Download Slide Deck

Presented by: John Strand

Timeline:

  • 0:00:00 – PreShow Banter™ — Geek Dance Party
  • 0:09:48 – FEATURE PRESENTATION: How to Cover C&C in the AT&TCK Matrix
  • 0:14:03 – Problems with IDS
  • 0:19:11 – Endpoint Protection Review: A Change in the Landscape
  • 0:23:13 – MITRE Command & Control & Exfiltration
  • 0:26:48 – MITRE Shield
  • 0:33:59 – Why Is This Necessary?
  • 0:36:18 – Malware PCAP Samples
  • 0:47:09 – Passer
  • 0:50:51 – Creating Command & Control
  • 0:58:04 – Conclusions & Questions
  • 1:09:52 – DEMO: AI-Hunter (Active Countermeasures) Commercial Demo
AC-Hunter Datasheet
AC-Hunter Personal Demo
Subscribe to Our Blog
Archives

Sign up for email notifications of our new blog posts, threat hunting training, webcasts and other relevant information.

We are not spammy and you can unsubscribe at any time :)

* indicates required