Next Meeting Thursday, July 9th, 2020 from 6:00 PM to 8:00 PM (Eastern)
The CI-ISSA chapter meetings will go on as planned this month. Registered attendees will receive Zoom meeting details the day of the event. Going Remote!
Concerned about Zoom’s security and privacy? Watch the SANS On Demand Webcast sans.org/u/11LS
First Presentation: ATT&CK Trends and How to Use Them
Speaker: Jeff Felling
The MITRE ATT&CK® framework has generated a lot of buzz in the security community over the last few years. But what is it, and what value does it provide? Is it worth all the effort of mapping to ATT&CK? Can we learn anything from it? In this talk we’ll cover:
- a basic overview of ATT&CK
- some thoughts on how a security organization can incorporate ATT&CK into their workflow
- reviewing detection data through an ATT&CK lens
- some thoughts on applying this to expand your depth and breadth of detection coverage
Jeff Felling is a puzzle solver who currently contemplates the conundrums confounding corporate computer custodians. After nearly a dozen years analyzing anomalies, foraging for forensic artifacts, and mulling over malware for the DoD, Jeff returned home to Indiana in 2016 where he helped create Anthem, Inc.’s threat hunting program, ORION, prior to joining Red Canary in April 2019 and founding their Intelligence team. Jeff holds degrees in mathematics from Johns Hopkins University (MS) and Purdue University (BS), and is certified in security, incident handling, and forensic analysis through SANS.
Second Presentation: TBD*