HOW to use MITRE ATT&CK Navigator in SOC Operations with Phishing Use Case Explained

  • Published on 2 Oct 2024
  • Welcome to AV Cyber Active channel, where we discuss cyber security related topics. Feel free to comment if you want more content. In this video I discuss MITRE Attack FW and how to use it in SOC operations for red and blue teaming. It can even cause loss to business or money if not used with proper techniques.
    OWASP
    The OWASP Top 10 is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications.
    owasp.org/www-...
    MITRE ATT&CK® Navigator
    mitre-attack.g...

Comments • 5

  • @patricktan3563 2 months ago

    What are the steps for me to take to use Navigator to find out what the Data Sources are for a given Technique (for example, what are the data sources for this technique "Command and Scripting Interpreter")? Thanks.

    • @avcyberactive538 2 months ago

      I don't think that's possible to pull DS for a given Technique. You can try "search" but the current version is very limited.

  • @amitranjan1908 8 months ago +2

    Good 👍 one

  • @roseandmose 7 months ago +1

    Are OWASP and MITRE linked to each other? I mean, can we find the web application attack techniques in MITRE?

    • @avcyberactive538 7 months ago +2

      Yes, in a way.
      For example, OWASP Top 10 "Broken Access Control" has about 34 CWEs mapped to how they can be exploited, and one of them is CWE-248, i.e. Improper access control. But in MITRE you will find it under various Tactics, Techniques and Sub-techniques.
      It's not a 1-1 comparison, but more that the CWE of a particular application RISK can be found in detail under various Sub-techniques in MITRE.
      OWASP: Identification of RISK
      MITRE: Implementation of Control to Mitigate the RISK.