SANS – Contextualizing the MITRE ATT&CK® Framework


You cannot ask your security team to simply test for credential harvesting or lateral movement without providing context for the technique.

By understanding how ATT&CK adds context to your interpretation of threat intelligence and threat actors, you will find your team better equipped to test relevant security controls.

In this webinar, we will examine how to use ATT&CK to read a threat intelligence report and show you how to bring that knowledge into your environment to test your defenses.