Overview
The MITRE ATT&CK® framework helps the security community adopt a threat-informed mindset and better defend against real-world adversaries. For organizations just getting started, it isn't always clear how to adopt it. Concepts make sense, but implementation can be challenging. Understanding your current defenses' alignment with ATT&CK® is crucial for improvement.
This MITRE SOC course addresses this issue by teaching students how to leverage ATT&CK® for SOC assessments. These assessments are rapid, low-overhead, and broad enough to help SOCs get acclimated with ATT&CK®. Subjects covered include analyzing SOC technologies like tools and data sources, interviewing SOC personnel, and recommending changes based on assessment results.
Target Audience for the MITRE SOC Course
This course is designed for anyone involved in or consulting with the day-to-day operations of a security operations center looking to adopt ATT&CK®.
Prerequisites for this MITRE SOC Training
- Understanding of the ATT&CK® framework through the MITRE ATT&CK Defender™ (MAD) ATT&CK® Fundamentals Badge course
- Knowledge of information security and technology, and security operations
MITRE SOC Course Goals
By the end of this course, students should be able to:
- Understand how SOC technologies map to ATT&CK® at a high level
- Walk through an ATT&CK®-based SOC assessment
- Interview and discuss ATT&CK® with SOC personnel
- Effectively communicate findings with ATT&CK®
- Propose enhancements to better align operations with ATT&CK®
Note: Per our partnership agreement with MITRE Engenuity, MITRE will have access to learner usage data.
Syllabus
Taught by
Tags
