Alexia Crumpton is a Defensive Cyber Operations Researcher with over seven years of experience in software development, SOCs, and malware reverse engineering. Her passion lies in heuristic behavior analysis with regard to adversary TTPs and the countermeasures used to defend against them.
Resources mentioned in this episode:
CAR - The MITRE Cyber Analytics Repository (CAR) is a knowledge base of analytics developed by MITRE based on the MITRE ATT&CK adversary model.
Top ATT&CK Techniques – Medium Blog, Github, Calculator
Top ATT&CK Techniques provides defenders with a systematic approach to prioritizing ATT&CK techniques. Our open methodology considers technique prevalence, common attack choke points, and actionability to enable defenders to focus on the ATT&CK techniques that are most relevant to their organization.
Other MITRE Projects: MITRE empowers the cyber community with the knowledge, training, and expertise to implement an effective threat-informed defense strategy. (Ex: ATT&CK, Caldera, Engage, D3FEND, 11 Strategies SOC Book, CVE/CWE/CAPEC, CTID, MAD, ATT&CK Evaluations) With these frameworks, MITRE arms the worldwide community of cyber defenders. We give them vital information to thwart network intruders, build resiliency against future attacks, and develop assurance to overcome possible vulnerabilities.
Support for the Blueprint podcast comes from the SANS Institute.
If you like the topics covered in this podcast and would like to learn more about blue team fundamentals such as host and network data collection, threat detection, alert triage, incident management, threat intelligence, and more, check out my new course SEC450: Blue Team Fundamentals.
This course is designed to bring attendees the information that every SOC analyst and blue team member needs to know to hit the ground running. With 15 labs that get you hands-on with tools for threat intel, SIEM, incident management, automation, and much more, this course has everything you need to launch your blue team career.
Check out the details at sansurl.com/450! Hope to see you in class!