Thanks for making this content extremely digestible regardless of individual defender's knowledge and experience level...without the ego typically observed in those with your obvious skillset. "I found nine." "Cool." 🤩
I just think the whole ATT&CK thing is a waste of time. It is never clearly explained, it adds extra administrative overhead to categorise everything... and why are you even doing that? There just doesn't seem to be any real need - you waste time ensuring everything is mapped to umpteen clumsily-named categories when you can just spend the same time actually fixing it? Nobody has ever been able to sell ATT&CK to me. I have worked at some utterly enormous organisations you have definitely heard of and never actually seen it being used in the wild. Like many other things in InfoSec it appears to be an exercise in making yourself look important while doing absolutely nothing.
Finally and glad someone said this. This is of no to very little "practical" use. Knowing "every" single attack technique and strengthening your defenses and detection mechanisms across all layers, for "each" of it will take years. And it will still be a moving target. This is yet another buzzword & hype, which is blindly amplified by many. Worst or the funny thing is the video title says Putting MITRE ATT&CK™ into '"ACTION" but she is simply reading the slides..lol
just do not understand why she should talks so fast and uncomfortable.... i pretty sure everybody watched her presentaion in youtube has paused for many times, now think about pepople who sitting there..... they saw a presentation with more than a page staff in one page while she is talking like somebody put her in 3X fast option. so in short say, people just get 60 procent of what she said.....
Any chance those slides are available to download. Thanks for the video either way 😊
How we can get this PowerPoint file?
Very helpful video
Thanks for making this content extremely digestible regardless of individual defender's knowledge and experience level...without the ego typically observed in those with your obvious skillset.
"I found nine."
"Cool."
🤩
Thanks Katie!
I just think the whole ATT&CK thing is a waste of time. It is never clearly explained, it adds extra administrative overhead to categorise everything... and why are you even doing that? There just doesn't seem to be any real need - you waste time ensuring everything is mapped to umpteen clumsily-named categories when you can just spend the same time actually fixing it?
Nobody has ever been able to sell ATT&CK to me. I have worked at some utterly enormous organisations you have definitely heard of and never actually seen it being used in the wild. Like many other things in InfoSec it appears to be an exercise in making yourself look important while doing absolutely nothing.
Dang dude no chill. Food for thought though. I wonder how much it cost to use ATT&CK.
Finally and glad someone said this. This is of no to very little "practical" use. Knowing "every" single attack technique and strengthening your defenses and detection mechanisms across all layers, for "each" of it will take years. And it will still be a moving target. This is yet another buzzword & hype, which is blindly amplified by many.
Worst or the funny thing is the video title says Putting MITRE ATT&CK™ into '"ACTION" but she is simply reading the slides..lol
Reading the slides is IMPORTANT because the IMPORTANT stuff should be ON the slides, if the slides are done well.
I think it is mainly useful in an educational setting, like for people who are studying for CompTIA certs.
Lot of unnecessary details about her self and very vague reading of the power point. Total waste of time
Dang...she's not having any kids.
LMFAO
Outstanding presentation! You're really good at this!
I took extended notes on it! Congratulations!
just do not understand why she should talks so fast and uncomfortable.... i pretty sure everybody watched her presentaion in youtube has paused for many times, now think about pepople who sitting there..... they saw a presentation with more than a page staff in one page while she is talking like somebody put her in 3X fast option. so in short say, people just get 60 procent of what she said.....
Katie ROCKS!
Thanks !!!
Superb Presentation!
Awesome delivery of the contents :) Love to repeat
That was really enlightening and highlighted some areas I never thought of. Good video
Thanks for this
I am learning lot of things from Katie ....thanks 👍
Lots of great content being shared. Thanks
Informative presentation, thank you!
The $whoami had me hooked. She lives in the command line. Haha
Very Informative , thanks !
We need to get more people in general into cyber and STEM. No need to just focus on one group.
how will we know this wont be used as wapons and force again
Thank you very much!
Very useful...thanks
Thankyou for this! What are the various job titles in a threat hunting team?
+
Thanks Katie!
Talk starts 1:10