Topic: Threat Informed Defense with MITRE ATT&CK™
Chapter Business Meeting Slides: 2019-11-20-Meeting-Presentation.pdf
The MITRE ATT&CK framework has become a widely used knowledge base and model for real cyber adversary behavior. In use across governments, private sector, and security solutions providers, ATT&CK helps to focus defenses against known threats, provides an effective tool for measuring security improvements, and drives innovation.
The session will cover the history of ATT&CK and what drove its creation at MITRE, the philosophy behind how ATT&CK is maintained, and several use cases for how it can be applied, including behavioral analytic development, defensive gap analysis, and adversary emulation.
Speaker: Michael C. Long II, Senior Cyber Adversarial Engineer, The MITRE Corporation
Michael Long is a Senior Cyber Adversarial Engineer with the MITRE Corporation and a former U.S. Army Cyber Operations Specialist. Michael has over 10 years of experience in information security disciplines including adversary threat emulation, red teaming, threat hunting, and digital forensics and incident response. Michael Long has a proven track record of service in the public interest. Michael served on countless cyber operations for organizations including the Army Cyber Protection Brigade and Army Cyber Command, the results of which he regularly briefed to commanding generals, strategic executives, and congressional staffers. With MITRE, Michael continues to apply his technical expertise to improve the cybersecurity of our nation's most sensitive and critical networks. Michael has a Master's Degree in Information Security Engineering from SANS Technology Institute, and holds many information security certifications including the prestigious GIAC Security Expert certification (GSE).