You're reading from Aligning Security Operations with the MITRE ATT&CK Framework Level up your security operations center for better security

Product type Paperback

Published in May 2023

Publisher Packt

ISBN-13 9781804614266

Length 192 pages

Edition 1st Edition

Concepts

Cybersecurity

Author (1):

Rebecca Blair

View More author details

Table of Contents (18) Chapters

Preface

1. Part 1 – The Basics: SOC and ATT&CK, Two Worlds in a Delicate Balance

2. Chapter 1: SOC Basics – Structure, Personnel, Coverage, and Tools FREE CHAPTER

3. Chapter 2: Analyzing Your Environment for Potential Pitfalls

4. Chapter 3: Reviewing Different Threat Models

5. Chapter 4: What Is the ATT&CK Framework?

6. Part 2 – Detection Improvements and Alignment with ATT&CK

7. Chapter 5: A Deep Dive into the ATT&CK Framework

8. Chapter 6: Strategies to Map to ATT&CK

9. Chapter 7: Common Mistakes with Implementation

10. Chapter 8: Return on Investment Detections

11. Part 3 – Continuous Improvement and Innovation

12. Chapter 9: What Happens After an Alert is Triggered?

13. Chapter 10: Validating Any Mappings and Detections

14. Chapter 11: Implementing ATT&CK in All Parts of Your SOC

15. Chapter 12: What’s Next? Areas for Innovation in Your SOC

16. Index

Why subscribe?

17. Other Books You May Enjoy

Danger! Risks ahead – how to establish a risk registry

Risks are a common part of life, and security is no different. If anything, in my opinion, security teams operate with more risk than other business units. Therefore, as part of a security program and SOC, you’ll need to be able to effectively evaluate and measure risks, and build and manage a risk registry.

To start, you need to identify risks and determine whether they should be tracked on a risk registry. While personnel who are already experienced in information security probably already understand what a risk register is, there are many ways to complete it. This is an example of what I would recommend for setting up and evaluating a registry. The first step in identifying risks is to review whether there are currently any threat models or risks identified. If you are in an already established program, those responsible for it should have an idea of what the potential risks are, and what the common threat vectors...

The rest of the chapter is locked

You're reading from Aligning Security Operations with the MITRE ATT&CK Framework Level up your security operations center for better security

Table of Contents (18) Chapters

Danger! Risks ahead – how to establish a risk registry

Authors (1)

Personalised recommendations for you

You're reading from Aligning Security Operations with the MITRE ATT&CK Framework Level up your security operations center for better security

Table of Contents (18) Chapters

Danger! Risks ahead – how to establish a risk registry

Unlock this book and the full library FREE for 7 days

Authors (1)

Personalised recommendations for you