Sign up to save your podcasts
Or
Share Jamie Williams: Adversary Emulation
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Jamie Williams: Adversary Emulation
Click here to send us your ideas and feedback on Blueprint!
There are numerous ways to test your SOC's detection and prevention capabilities, but not all are created equal. Each has their own strengths and weaknesses, and can be done on a different time scale.This week, we focus on arguably one of the most important - adversary emulation. In this episode we speak with Jamie Williams from the MITRE ATT&CK team about why adversary emulation is important, how it works, how you can get started regardless of the size of your team, and how to track and run an adversary emulation test.
Our guest: Jamie Williams
Jamie Williams is a Principal Adversary Emulation Engineer for the MITRE Corporation where he works on various exciting efforts involving security operations and research, specializing in adversary emulation and behavior-based detections. He also leads teams that help shape and deliver the “adversary-touch” within ATT&CK® and ATT&CK Evaluations.
Follow Jamie Williams on Twitter (@jamieantisocial) and LinkedIn (/in/jamie-williams-108369190).
Sponsor's Note
Support for the Blueprint podcast comes from the SANS Institute.
Since the debut of SEC450, we’ve always had students interested in a matching course covering the management and leadership aspects of running a SOC. If you like the topics in this podcast and would like to learn more about Blue Team leadership and management, check out the new MGT551: Building and Leading Security Operations Centers. This new course is designed for Security Team leaders looking to build, grow and operate a security operation center with peak efficiency. It’s a hands-on technical leadership course, that takes you through everything from scoping threat groups to use case creation, threat hunting, planning, SOC maturity and detection assessment and much much more.
Check out the course syllabus, labs and a free demo at sansurl.com/551
Follow SANS Cyber Defense: Twitter | LinkedIn | YouTube
Follow John Hubbard: Twitter | LinkedIn
Check out John's SOC Training Courses for SOC Analysts and Leaders:
- SEC450: SOC Analyst Training - Applied Skills for Cyber Defense Operations
- LDR551: Building and Leader Security Operations Centers
Follow and Connect with John: LinkedIn
View all episodes
By SANS Institute
4.9
131131 ratings
Click here to send us your ideas and feedback on Blueprint!
There are numerous ways to test your SOC's detection and prevention capabilities, but not all are created equal. Each has their own strengths and weaknesses, and can be done on a different time scale.This week, we focus on arguably one of the most important - adversary emulation. In this episode we speak with Jamie Williams from the MITRE ATT&CK team about why adversary emulation is important, how it works, how you can get started regardless of the size of your team, and how to track and run an adversary emulation test.
Our guest: Jamie Williams
Jamie Williams is a Principal Adversary Emulation Engineer for the MITRE Corporation where he works on various exciting efforts involving security operations and research, specializing in adversary emulation and behavior-based detections. He also leads teams that help shape and deliver the “adversary-touch” within ATT&CK® and ATT&CK Evaluations.
Follow Jamie Williams on Twitter (@jamieantisocial) and LinkedIn (/in/jamie-williams-108369190).
Sponsor's Note
Support for the Blueprint podcast comes from the SANS Institute.
Since the debut of SEC450, we’ve always had students interested in a matching course covering the management and leadership aspects of running a SOC. If you like the topics in this podcast and would like to learn more about Blue Team leadership and management, check out the new MGT551: Building and Leading Security Operations Centers. This new course is designed for Security Team leaders looking to build, grow and operate a security operation center with peak efficiency. It’s a hands-on technical leadership course, that takes you through everything from scoping threat groups to use case creation, threat hunting, planning, SOC maturity and detection assessment and much much more.
Check out the course syllabus, labs and a free demo at sansurl.com/551
Follow SANS Cyber Defense: Twitter | LinkedIn | YouTube
Follow John Hubbard: Twitter | LinkedIn
Check out John's SOC Training Courses for SOC Analysts and Leaders:
- SEC450: SOC Analyst Training - Applied Skills for Cyber Defense Operations
- LDR551: Building and Leader Security Operations Centers
Follow and Connect with John: LinkedIn
More shows like Blueprint: Build the Best in Cyber Defense
View all
Security Now (Audio)
2,005 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
652 Listeners
The Daily
112,482 Listeners
Darknet Diaries
8,069 Listeners
Cybersecurity Headlines
140 Listeners