According to me for the 1st question how MITRE can basically improve the organization, my answer (as a beginner) helps in creating use cases with the T&T provided and implement in creating rules in a SIEM platform. 2nd question - Created in 2013. 3rd question - I find this video useful on how to navigate through the MITRE matrix and view the T&T and the tools for demo of use cases.
Your video as all others help me understand subtle parts of cyber security. I learned that the Mitre organization created this useful framework based on matrices. It's a powerful tool I didn't know about as when I went to their site I couldn't detect the matrices. The idea of getting the knowledge about the attacks, then analyze attackers' behaviors, execute the right techniques, use procedures and compare results is useful. It takes us through the whole process reaching the goals of improving defense mechanisms of information systems. Thank You so much, Prabh. Great video!
Thank you for sharing your knowledge about this framework. Please continue making videos that can help students and professionals understand the in an outs in cybersecurity.
(1) To improve cybersecurity posture of org Mitre framework will be use. (2) Mitre attack framework developed in 2013. (3) Please make videos on NIST framework.
Thank you for explaining. And more importantly, thank you for sharing use cases, tools, and supporting frameworks like the NIST SP 800-53-R5. This can work well for creating remediation guidelines.
Can you please make a video on a real world Cyberattack Incident if possible. Doing an analysis of the attack with the help of MITRE ATT&CK framework and the Mitigation of that attack using MITRE ATT&CK Framework.
Different vendors say they are able to 100% Prevention in the Protection evaluation (10 of 10) 100% Detection of all attack steps (19 of 19) 98.2% Analytic Coverage (107 of 109 attack substeps) 98.2% Technique-Level Detections (107 of 109 attack substeps) 98.2% Visibility (107 of 109 attack substeps) How can we verify this quantitatively like they put it and we see for different tactics different methods are there like general, telemetry, tactic, and techniques; which method is better and what does it mean if that specific method is used?
There are vendors out there who test their products against the MITRE ATT&CK framework and use the results to sell their products. Google SentinelOne, pretty sure they publish information around how they use it to guarantee they are meeting the highest standards. Basically, when you are looking for vendors, look for ones who test against the framework, or, at the very least ask them how they came to those statements. They should be able to back up with the testing data.
According to me for the 1st question how MITRE can basically improve the organization, my answer (as a beginner) helps in creating use cases with the T&T provided and implement in creating rules in a SIEM platform.
2nd question - Created in 2013.
3rd question - I find this video useful on how to navigate through the MITRE matrix and view the T&T and the tools for demo of use cases.
Your video as all others help me understand subtle parts of cyber security. I learned that the Mitre organization created this useful framework based on matrices. It's a powerful tool I didn't know about as when I went to their site I couldn't detect the matrices. The idea of getting the knowledge about the attacks, then analyze attackers' behaviors, execute the right techniques, use procedures and compare results is useful. It takes us through the whole process reaching the goals of improving defense mechanisms of information systems. Thank You so much, Prabh. Great video!
Good overview of MITRE ATT&CK. I really loved it and subscribed to learn more!
The video that i actually need to understand ATTAC Framework. Much appreciate your time @Prabh Nair Sir ❤
Very insightful and concise explanation of MITRE ATT&CK Framework. Thanks Prabh, continue your great work mate!
this is such a great channel. you deserve million subscribers!!
Thank you for sharing your knowledge about this framework. Please continue making videos that can help students and professionals understand the in an outs in cybersecurity.
Simple with detailed explanation, just amazing.
it is good work submitted. I need more videos. Thank you
(1) To improve cybersecurity posture of org Mitre framework will be use.
(2) Mitre attack framework developed in 2013.
(3) Please make videos on NIST framework.
Thanks you :)
Thank you for explaining. And more importantly, thank you for sharing use cases, tools, and supporting frameworks like the NIST SP 800-53-R5. This can work well for creating remediation guidelines.
by using this frame work we can simulate, hunt and detect the adversaries behavior and strength the security poster of the organization.
Please provide the link that you obtain the excel data for the illustration along AC data. Thank you
I love this channel. It’s really amazing how you simplify these topics 🙏🏻
Perfect Video to understand the MITRE ATT&CK
tHNAK 4 tHA TH4 tmAAAAn! i REALLY aPPRICIATED!
Thank you for EXCELLENT explanations. Very well done
Awesome Prabh. Good insights as always.
Thanks bhai :)
Beautiful explanation. Thank you!
Thank you much Prabh! Very helpful. God bless you, friend. 😊
Hi
Please update this recording with latest version of ATT&CK features including ICS security
Please make video on how to map NIST to MITRE ATT$CK framework
Can you please make a video on a real world Cyberattack Incident if possible.
Doing an analysis of the attack with the help of MITRE ATT&CK framework and the Mitigation of that attack using MITRE ATT&CK Framework.
Fabulous Prabh ! I have one request to you please make a Video for Phishing analysis .
Very good content,you explain everything in simple synonyms. Thank you.
if i get a project about some ransomware attack where i will get the data for analysing
Super! Explained well. I have a request. Could I get the github link for the excel?
This video was very helpful... Could you plz make videos mentioning how to use MITRE navigator and how to do gap analysis etc?
Good job Prabh. You never disappoint
Thanks you :)
Where did you downloaded that Excel sheet?
Great work, Nice video
Different vendors say they are able to
100% Prevention in the Protection evaluation (10 of 10)
100% Detection of all attack steps (19 of 19)
98.2% Analytic Coverage (107 of 109 attack substeps)
98.2% Technique-Level Detections (107 of 109 attack substeps)
98.2% Visibility (107 of 109 attack substeps)
How can we verify this quantitatively like they put it and we see for different tactics different methods are there like general, telemetry, tactic, and techniques; which method is better and what does it mean if that specific method is used?
There are vendors out there who test their products against the MITRE ATT&CK framework and use the results to sell their products. Google SentinelOne, pretty sure they publish information around how they use it to guarantee they are meeting the highest standards. Basically, when you are looking for vendors, look for ones who test against the framework, or, at the very least ask them how they came to those statements. They should be able to back up with the testing data.
MITRE give an insite of how the security posture of organisation
In 2013, ATTACK
One more detailed example of mapping TTP's to an malware attack
Very useful video and understanding
Many thanks prabh sir for this video
Thanks you :)
Thanks for the wonderful session.
Pls share getup link to download the excel
can you please share the link to download Nist800 , excel file
kindly make videos on NIST framework.
Bro Can you make a tutorial of NIST FRAMEWORK
awesome prab
Really excellent
Thanks a lot
Very well explained.....
Excellent bro
Hi, can u share link for excel?
Excellent
so nice sir ❤❤
wonderful
sir can you provide this ppt
Thanks
sir please provide RSA netwitness ka iso file
I don't have dear
Adversarial
Thanks for correction:)