Speaker: Jose Barajas, Director Field Engineering, AttackIQ
Description: This talk will overview Breach and Attack Simulation and why it is valuable to fold an automated BAS into your risk management program. You will also learn the benefits of using MITRE ATT&CK to power your BAS platform. You will then get an overview of the top 12 adversarial techniques, tactics, and procedures (TTPs) where most enterprises are experiencing easily avoided protection failures. These techniques are based on AttackIQ’s automated continuous security assessment platform SaaS utilization telemetry, open-source and industry developed TTP analysis, and other MITRE ATT&CK framework correlations. Following the discussion of these TTPs, there will be insights provided into systematically closing these prevention and detection gaps within the framework of higher-level risk mitigation strategies. Lastly, we will discuss how to fold continuous security validation constructs into the customer's cyber automation continuum.
Expected Outcome: Provide a better understanding of how the Mitre Att&ck Framework can automate, and simplify validation of security controls. For a clearer understanding of their security tools ROI. And measuring the efficiency of their tools blocking, detection & reporting capabilities.
Intended Audience: Anyone concerned- and/or involved with their organizations cyber security policies and strategies.