The speed and sophistication with which cybercriminals launch attacks are increasing year over year. In fact, a 2019 threat report showed that the time from an adversary's initial compromise of a network to lateral movement can be as little as 19 minutes.* This challenges threat detection and incident response teams to keep up, especially as cybercriminals are also continuously changing their methods. To drive more resilient threat detection and response, defenders need to incorporate threat intelligence and threat detection frameworks that look beyond simple indicators of compromise (IOCs) to protect their network and speed response.
Join us in discussing:
– What MITRE ATT&CK™ is and how it complements other cyber frameworks such as NIST and the Cyber Kill Chain
– How AT&T Alien Labs maps correlation rules to the tactics and techniques of MITRE ATT&CK™ so customers can better understand the context and scope of an attack
– How to detect, investigate, and respond to a multi-vector attack (TrickBot) using USM Anywhere and MITRE ATT&CK™, within one dashboard
*2019 Global Threat Report, Adversary Tradecraft and the Importance of Speed. CrowdStrike, 2019.