One Week Left to Get an 11" iPad Pro with Apple Pencil w/ OnDemand Training

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Using the MITRE ATT&CK Framework for Detection and Threat Hunting

  • Thursday, May 07, 2020 at 1:00 PM EDT (2020-05-07 17:00:00 UTC)
  • Trevor Daughney

Sponsor

  • Exabeam

You can now attend the webcast using your mobile device!

  

Overview

Threat hunting is evolving from focusing on IoCs to TTPs in order to understand the entire breadth of an attack, rather than simply stringing together its artifacts. In this presentation you will learn how to uncover modern attacks by detecting and investigating common tactics, techniques and procedures (TTPs) used by attackers, including:

  •    An introduction to MITRE ATT&CK and recent changes to the framework
  •    An explanation of how the framework can be used by security teams.
  •    An outline how Exabeam can help you defend against attacker TTPs using machine-learning based anomaly detection and threat hunting

Security practitioners will leave this presentation more knowledgeable about how to uncover the entirety of attacks by focusing on TTPs.

Speaker Bio

Trevor Daughney

Trevor Daughney is Vice President of Product Marketing at Exabeam. Trevor is a marketing executive with a track record of building high performing teams to take enterprise cybersecurity SaaS and software technology and turn them into successful global businesses. Prior to Exabeam, he led enterprise product marketing at McAfee, Ping Identity and Symantec. Trevor approaches marketing with a global mindset, and builds on his experiences living and working in the US, Canada and Asia. He has an MBA from the University of California, Berkeley.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.