Sign up to save your podcasts
Or
Share Alexia Crumpton: MITRE ATT&CK for Defenders
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Alexia Crumpton: MITRE ATT&CK for Defenders
Click here to send us your ideas and feedback on Blueprint!
One of the best frameworks that showed up within the last 5 or so years is undoubtedly the MITRE ATT&CK® framework. Many of us may know about it in passing and even reference from time to time, but very few people seem to know the true depth of knowledge contained - everything from analytics to threat groups, specific mitigation and detection opportunities, and with the newest versions, even specific data sources. In this episode we talk to the Defensive Lead of ATT&CK from MITRE, Lex Crumpton, about what every blue team member needs to know about this framework, and more!
Alexia Crumpton
Alexia Crumpton is a Defensive Cyber Operations Researcher with over seven years of experience in software development, SOCs, and Malware Reverse Engineering. Her passion lies in heuristic behavior analysis in regards to adversary TTPs and countermeasures used to defend against them.
Follow Alexia
LinkedIn: https://www.linkedin.com/in/alexia-crumpton-99930659/
Resources mentioned in this episode:
CAR - The MITRE Cyber Analytics Repository (CAR) is a knowledge base of analytics developed by MITRE based on the MITRE ATT&CK adversary model.
Top ATT&CK Techniques – Medium Blog, Github, Calculator
Sponsor's Note:
Support for the Blueprint podcast comes from the SANS Institute.
If you like the topics covered in this podcast and would like to learn more about blue team fundamentals such as host and network data collection, threat detection, alert triage, incident management, threat intelligence, and more, check out my new course SEC450: Blue Team Fundamentals.
This course is designed to bring attendees the information that every SOC analyst and blue team member needs to know to hit the ground running, including 15 labs that get you hands on with tools for threat intel, SIEM, incident management, automation and much more, this course has everything you need t
Check out John's SOC Training Courses for SOC Analysts and Leaders:
- SEC450: Blue Team Fundamentals - Security Operations and Analysis
- LDR551: Building and Leader Security Operations Centers
Follow and Connect with John: LinkedIn
View all episodes
By SANS Institute
4.9
131131 ratings
Click here to send us your ideas and feedback on Blueprint!
One of the best frameworks that showed up within the last 5 or so years is undoubtedly the MITRE ATT&CK® framework. Many of us may know about it in passing and even reference from time to time, but very few people seem to know the true depth of knowledge contained - everything from analytics to threat groups, specific mitigation and detection opportunities, and with the newest versions, even specific data sources. In this episode we talk to the Defensive Lead of ATT&CK from MITRE, Lex Crumpton, about what every blue team member needs to know about this framework, and more!
Alexia Crumpton
Alexia Crumpton is a Defensive Cyber Operations Researcher with over seven years of experience in software development, SOCs, and Malware Reverse Engineering. Her passion lies in heuristic behavior analysis in regards to adversary TTPs and countermeasures used to defend against them.
Follow Alexia
LinkedIn: https://www.linkedin.com/in/alexia-crumpton-99930659/
Resources mentioned in this episode:
CAR - The MITRE Cyber Analytics Repository (CAR) is a knowledge base of analytics developed by MITRE based on the MITRE ATT&CK adversary model.
Top ATT&CK Techniques – Medium Blog, Github, Calculator
Sponsor's Note:
Support for the Blueprint podcast comes from the SANS Institute.
If you like the topics covered in this podcast and would like to learn more about blue team fundamentals such as host and network data collection, threat detection, alert triage, incident management, threat intelligence, and more, check out my new course SEC450: Blue Team Fundamentals.
This course is designed to bring attendees the information that every SOC analyst and blue team member needs to know to hit the ground running, including 15 labs that get you hands on with tools for threat intel, SIEM, incident management, automation and much more, this course has everything you need t
Check out John's SOC Training Courses for SOC Analysts and Leaders:
- SEC450: Blue Team Fundamentals - Security Operations and Analysis
- LDR551: Building and Leader Security Operations Centers
Follow and Connect with John: LinkedIn
More shows like Blueprint: Build the Best in Cyber Defense
View all
Security Now (Audio)
1,971 Listeners
Risky Business
361 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
628 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
366 Listeners
CyberWire Daily
1,007 Listeners
Smashing Security
311 Listeners
Click Here
406 Listeners
Darknet Diaries
7,865 Listeners
CISO Series Podcast
187 Listeners
![Talkin' About [Infosec] News, Powered by Black Hills Information Security by Black Hills Information Security](https://podcast-api-images.s3.amazonaws.com/corona/show/516141/logo_300x300.jpeg){kind=logo}
Talkin' About [Infosec] News, Powered by Black Hills Information Security
91 Listeners
Defense in Depth
74 Listeners
Cyber Security Headlines
129 Listeners
How to Fix the Internet
117 Listeners
Cloud Security Podcast by Google
38 Listeners
Risky Bulletin
33 Listeners