Threat Detection for Common MITRE ATT&CK Techniques

Duration: 01:43:53

If you’re ready to take a deep dive into applying the MITRE ATT&CK framework and learning how to use it in your environment, then this webinar is for you.

In this on-demand webinar, LogRhythm threat research engineers join Ultimate Security Windows Host Randy Franklin Smith to zero in on the new standard to assess the effectiveness of your security monitoring and alerting capabilities — the MITRE ATT&CK framework.

The presenters will explore the most common techniques from the MITRE ATT&CK framework, demonstrate how attackers use them, and show you how you can use them to detect and respond to threats across the entire threat lifecycle. The five techniques that will be covered include:

  1. Connection Proxy
  2. Exfiltration Over Alternative Protocol
  3. Masquerading
  4. Drive-by Compromise
  5. Service Execution

LogRhythm security experts will also demonstrate how a security information and event management (SIEM) solution paired with the MITRE ATT&CK framework helps you effectively test your security monitoring against attack techniques to validate that your technology and rules work and alert you to the right anomalous behavior.

In this on-demand webinar, you will learn how to:

  • Incorporate ATT&CK to work in your environment
  • Build out practical, technical threat detection
  • Use SIEM technology and logs for threat hunting

Watch the on-demand webinar now to further explore the MITRE ATT&CK application.