Accurately ATT&CKing Your Maturity Level

EvolveSec - Chicago Cybersecurity

Online event




This event will be LIVE-ONLINE starting at 11:30 AM Central Standard Time.

When it comes to offensive attack assessments, organizations often misidentify the level that is right for them; however, security teams can use the MITRE ATT&CK framework to identify what types of testing are best for them.

It is difficult to choose between the myriad assessment options, such as vulnerability scans, penetration tests, and red team engagements. Luckily, there's the MITRE ATT&CK framework. You can leverage ATT&CK to understand what types of assessments are right for your organization today and identify when it's time to advance to the next level.

Red teaming, penetration testing, adversary simulations, table top exercises, vulnerability scanning, assumed breach assessment, cyber resilience stress test, insider threat simulation... These are all buzzwords that can confuse decision makers when they are choosing what class of offensive testing they need. It can be overwhelming.

Often organizations will purchase elite offensive assessments and learn nothing from the carnage. Other times they won't increase the sophistication of assessments and the security organization will stagnate. Decision makers need guidance to understand what class of offensive testing is right for their maturity. This talk demonstrates how to use ATT&CK to identify what types of testing are right for a given organization.

My goal is to help folks understand how to use ATT&CK to identify what types of offensive assessments are right for their organization. I’ve conducted hundreds of offensive assessments and currently perform nation state level attack simulations.

I’ve witnessed numerous organizations undergo offensive assessments that don't align with their maturity. Sometimes they want an elite red team assessment when they don’t even have a vulnerability management program. Alternatively, year-over-year they have zero-finding assessments when it’s time to level up their blue team.

I will demonstrate how organizations can leverage ATT&CK to evaluate what class of testing will help them most.

Twitter: isaiahsarju

Isaiah Sarju is a red teamer. He has contributed to the Microsoft Security Intelligence Report, conducted hundreds of offensive security engagements, and taught students how to become top tier defenders. He plays tabletop games, swims, and trains Brazilian Jiu-Jitsu.