Defenders spend a lot of time and money procuring and implementing security controls. At the heart of SecOps and the SOC are technologies like XDR, SIEM, and SOAR. How do we know these technologies are going to detect or prevent attacks?

Wait for the annual pen test? Probably not a good idea.

In this segment, we'll talk with Michael Mumcuoglu about how MITRE's ATT&CK framework can help defenders better prepare for inevitable attack TTPs they'll have knocking on their doors.

Segment Resources:

• CardinalOps Contributes to MITRE ATT&CK for Fourth Consecutive Release
• ESG Report: Operationalize MITRE ATT&CK with Detection Posture Management
• Report: Enterprise SIEMs offer inadequate threat detection
• 2023 State of SIEM Detection Risk Report

Show Notes: https://securityweekly.com/esw-352