MITRE ATT&CK Training Course

Course Code

mitreattck

Duration

7 hours (usually 1 day including breaks)

Requirements

  • An understanding of information system security

Audience

  • Information systems analysts

Overview

MITRE ATT&CK is a framework of tactics and techniques used to classify attacks and assesses an organization's risk. ATT&CK brings awareness to an organization's security, identifying holes in defenses and prioritizing risks.

This instructor-led, live training (onsite or remote) is aimed at information system analysts who wish to use MITRE ATT&CK to decrease the risk of a security compromise.

By the end of this training, participants will be able to:

  • Set up the necessary development environment to start implementing MITRE ATT&CK.
  • Classify how attackers interact with systems.
  • Document adversary behaviors within systems.
  • Track attacks, decipher patterns, and rate defense tools already in place.

Format of the Course

  • Interactive lecture and discussion.
  • Lots of exercises and practice.
  • Hands-on implementation in a live-lab environment.

Course Customization Options

  • To request a customized training for this course, please contact us to arrange.

Course Outline

Introduction

What is Malware?

  • Types of malware
  • The evolution of malware

Overview of Malware Attacks

  • Propagating 
  • Non-propagating

Matrices of ATT&CK

  • Enterprise ATT&CK
  • Pre-ATT&CK
  • Mobile ATT&CK

MITRE ATT&CK

  • 11 tactics
  • Techniques
  • Procedures

Preparing the Development Environment

  • Setting up a version control center (GitHub)
  • Downloading a project that hosts a to-do list system of data
  • Installing and configuring ATT&CK Navigator

Monitoring a compromised system (WMI)

  • Instating command line scripts to conduct a lateral attack
  • Utilizing ATT&CK Navigator to identify the compromise
  • Assesing the compromise through the ATT&CK framework
  • Performing process monitoring
  • Documenting and patching the holes in the defense architecture

Monitoring a compromised system (EternalBlue)

  • Instating command line scripts to conduct a lateral attack
  • Utilizing ATT&CK Navigator to identify the compromise
  • Assesing the compromise through the ATT&CK framework
  • Performing process monitoring
  • Documenting and patching the holes in the defense architecture

Summary and Conclusion

Testimonials

★★★★★
★★★★★

Related Categories

Related Courses

Course Discounts

No course discounts for now.

Course Discounts Newsletter

We respect the privacy of your email address. We will not pass on or sell your address to others.
You can always change your preferences or unsubscribe completely.

Some of our clients

is growing fast!

We are looking to expand our presence in Saudi Arabia!

As a Business Development Manager you will:

  • expand business in Saudi Arabia
  • recruit local talent (sales, agents, trainers, consultants)
  • recruit local trainers and consultants

We offer:

  • Artificial Intelligence and Big Data systems to support your local operation
  • high-tech automation
  • continuously upgraded course catalogue and content
  • good fun in international team

If you are interested in running a high-tech, high-quality training and consulting business.

Apply now!

This site in other countries/regions