You're reading from Aligning Security Operations with the MITRE ATT&CK Framework Level up your security operations center for better security

Product type Paperback

Published in May 2023

Publisher Packt

ISBN-13 9781804614266

Length 192 pages

Edition 1st Edition

Concepts

Cybersecurity

Author (1):

Rebecca Blair

View More author details

Table of Contents (18) Chapters

Preface

1. Part 1 – The Basics: SOC and ATT&CK, Two Worlds in a Delicate Balance

2. Chapter 1: SOC Basics – Structure, Personnel, Coverage, and Tools FREE CHAPTER

3. Chapter 2: Analyzing Your Environment for Potential Pitfalls

4. Chapter 3: Reviewing Different Threat Models

5. Chapter 4: What Is the ATT&CK Framework?

6. Part 2 – Detection Improvements and Alignment with ATT&CK

7. Chapter 5: A Deep Dive into the ATT&CK Framework

8. Chapter 6: Strategies to Map to ATT&CK

9. Chapter 7: Common Mistakes with Implementation

10. Chapter 8: Return on Investment Detections

11. Part 3 – Continuous Improvement and Innovation

12. Chapter 9: What Happens After an Alert is Triggered?

13. Chapter 10: Validating Any Mappings and Detections

14. Chapter 11: Implementing ATT&CK in All Parts of Your SOC

15. Chapter 12: What’s Next? Areas for Innovation in Your SOC

16. Index

Why subscribe?

17. Other Books You May Enjoy

A brief history and evolution of ATT&CK

The ATT&CK Framework is obviously the main portion of the book, so let’s start with the basics and learn about the history, purpose, categories, and overview of different models within this chapter.

The MITRE ATT&CK Framework was founded in 2015. It started off as a total of 9 tactics and 96 techniques and quickly gained traction for how threats and attacks were categorized and organized in security. It currently stands at version 11, released in April 2022, which has 14 tactics, 191 techniques, 386 sub-techniques, and 134 groups, and covers 680 pieces of software. It remains one of the top comprehensive knowledge bases out there. Over the years, it has included specific operating systems and different types of infrastructures and environments, making it a more practical framework for categorizing threats against your environment as a whole. The growth from 2015 to 2022 alone shows the amount of work that has gone into identifying...

The rest of the chapter is locked

You're reading from Aligning Security Operations with the MITRE ATT&CK Framework Level up your security operations center for better security

Table of Contents (18) Chapters

A brief history and evolution of ATT&CK

Authors (1)

Personalised recommendations for you

You're reading from Aligning Security Operations with the MITRE ATT&CK Framework Level up your security operations center for better security

Table of Contents (18) Chapters

A brief history and evolution of ATT&CK

Unlock this book and the full library FREE for 7 days

Authors (1)

Personalised recommendations for you