Adversary Emulation with MITRE ATT&CK: Bridging the Gap Between the Red and Blue Teams
Date: November 25th, 2024
ISBN: 1098143760
Language: English
Number of pages: 400 pages
Format: EPUB
Add favorites
By incorporating cyber threat intelligence, adversary emulation provides a form of cybersecurity assessment that mimics advanced persistent threat (APT) tactics, techniques, and procedures (TTPs). This comprehensive guide introduces an empirical approach with strategies and processes collected over a decade of experience in the cybersecurity field. You'll learn to assess resilience against coordinated and stealthy threat actors capable of harming an organization.
Author Drinor Selmanaj demonstrates adversary emulation for offensive operators and defenders using practical examples and exercises that actively model adversary behavior. Each emulation plan includes different hands-on scenarios, such as smash-and-grab or slow-and-deliberate. This book uses the MITRE ATT&CK knowledge base as a foundation to describe and categorize TTPs based on real-world observations, and provides a common language that's standardized and accessible to everyone.
You'll learn how to:
• Map Cyber Threat Intelligence to ATT&CK
• Define Adversary Emulation goals and objectives
• Research Adversary Emulation TTPs using ATT&CK knowledge base
• Plan Adversary Emulation activity
• Implement Adversary tradecraft
• Conduct Adversary Emulation
• Communicate Adversary Emulation findings
• Automate Adversary Emulation to support repeatable testing
• Execute FIN6, APT3, and APT29 emulation plans
Author Drinor Selmanaj demonstrates adversary emulation for offensive operators and defenders using practical examples and exercises that actively model adversary behavior. Each emulation plan includes different hands-on scenarios, such as smash-and-grab or slow-and-deliberate. This book uses the MITRE ATT&CK knowledge base as a foundation to describe and categorize TTPs based on real-world observations, and provides a common language that's standardized and accessible to everyone.
You'll learn how to:
• Map Cyber Threat Intelligence to ATT&CK
• Define Adversary Emulation goals and objectives
• Research Adversary Emulation TTPs using ATT&CK knowledge base
• Plan Adversary Emulation activity
• Implement Adversary tradecraft
• Conduct Adversary Emulation
• Communicate Adversary Emulation findings
• Automate Adversary Emulation to support repeatable testing
• Execute FIN6, APT3, and APT29 emulation plans
Download Adversary Emulation with MITRE ATT&CK: Bridging the Gap Between the Red and Blue Teams
Similar books
Information
Users of Guests are not allowed to comment this publication.
Users of Guests are not allowed to comment this publication.