Resources

WOLF & CO Events HOU.SEC.CON 2022

HOU.SEC.CON 2022

Date

October 20, 2022

Presenters

Sean D. Goodwin, CISA, QSA, PCIP, CISSP, CCSP, GSEC, GCIH, GCIA, GCWN, GCCC, GCUX, GCPM, GDAT, GSE

Senior Manager

 

Description

Location: Marriott Marquis Houston Houston, Texas

Sean will be speaking on the topic of Combining APTs, TTPs, & GRC to build realistic security programs with MITRE ATT&CK at 1 PM on Thursday, October 20th.

High-Level Outline

  • Introduction to MITRE ATT&CK®
  • Overview Matrices •How MITRE ATT&CK® Can Be Used
  • Keeping Your Threat Models Up to Date
  • Cybersecurity Testing & Response Maturity

Potential demos to inject based on time

  • How to find and navigate MITRE ATT&CK®
  • ATT&CK Navigator
  • Atomic Red Team
  • Vectr
  • D3FEND Matrix
  • https://github.com/rabobank-cdc/DeTTECT
  • https://atc-project.github.io/atc-react/

While some of the demonstrations are technical in nature, the intent of this session is to educate the GRC world about the importance of leveraging the available tools and data-sets to make risk-informed decisions. Implementing the processes discussed here allows for security and GRC staff to work together on focusing on the risks with a high likelihood, as well as communicating in a shared language.

Back to Events