Hands-on, immersive CTI courses at the Cyber Threat Intelligence Summit & Training in January! Register for the free Summit!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Sorry, the slides for this webcast are not available for download.

Practical Threat Modeling with MITRE ATT&CK Analytics - SANS@Mic Tokyo

  • Wednesday, November 04, 2020 at 9:00 PM EST (2020-11-05 02:00:00 UTC)
  • Ismael Valenzuela

You can now attend the webcast using your mobile device!



Unless you've been living under a rock over the last 3 years (everything is possible right...?) I'm pretty sure you know what MITRE ATT&CK is: a framework, a reference model, and even a language, to understand how attackers behave through the study of their tactics, techniques, and procedures. However studying the adversary is of no use if we're not able to leverage that intelligence to drive our defensive strategy, as security architects and engineers. 

In this webinar, I'll show you how to systematically analyze your defensive posture doing practical threat modeling to architect for visibility and detection using MITRE ATT&CK. Through community tools and open source projects that you can easily run on your own system with docker containers, I'll demonstrate how you can run analytics and generate visualizations that can help you to identify your weakest points and prioritize your cyber defense strategy.  

Speaker Bio

Ismael Valenzuela

SANS Certified Instructor Ismael Valenzuela (@aboutsecurity) is coauthor of the CyberDefense and Blue Team Operations course, SANS SEC530: Defensible Security Architecture and Engineering, and holds many professional certifications, including the highly regarded GIAC Security Expert (GSE #132).

Since he founded one of the first IT Security consultancies in Spain, Ismael Valenzuela has participated as a security professional in numerous projects across the globe over the past 19 years. Prior to his current role as Senior Principal Engineer at McAfee, where he leads research on threat hunting using machine-learning and expert-system driven investigations, Ismael led the delivery of SOC, IR & Forensics services for the Foundstone Services team within Intel globally. Previously, Ismael worked as Global IT Security Manager for iSOFT Group Ltd, one of the world's largest providers of healthcare IT solutions, managing their security operations in more than 40 countries.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.