Foundations of Operationalizing MITRE ATT&CK

As per the official AttackIQ website, this training session introduces students to the basics of the MITRE ATT&CK Framework.

Topics include its history and evolution, reasons why organizations are adopting it, and the basic workflows an organization would use to start operationalizing its security programs within the ATT&CK context.

The class will also cover the tools and resources made available to supplement MITRE ATT&CK testing, including ATT&CK Navigator and MITRE CAR.

Course Outline: 

1. Welcome To Foundations of Operationalizing MITRE ATT&CK
   • Introduction
   • Who is MITRE?
2. Threat Informed Defense
   • Introduction To Threat Informed Defense
3. What is the ATT&CK Framework?
   • Introduction To The MITRE ATT&CK Framework
4. Making ATT&CK Actionable
   • Introduction To Making ATT&CK Actionable
5. Threat Intelligence
   • Introduction To Threat Intelligence
   • Mapping Organizational Intelligence To ATT&CK
   • Expanding Intelligence Data
6. Detection and Analytics
   • Introduction to Detection and Analytics
7. Adversary Emulation and Red Teaming
   • Introduction to Adversary Emulation & Red Teaming
8. Final Assessment
   • Final Assessment & Course Survey