Becoming a Yogi on Mac ATT&CK with OceanLotus Postures

Presented at Objective by the Sea version 4.0 (2021), Sept. 30, 2021, 2 p.m. (50 minutes)

Maybe you've heard about this MITRE ATT&CK® thing, but it's just for Windows, right? ATT&CK's free knowledge base of adversary behaviors focuses on the real-world tactics, techniques, and procedures seen in actual intrusions, and has quietly covered Macs since 2017. Macs are a unique security space, and we'll explore what's unique about ATT&CK for macOS, and the work we're doing to improve it in 2021. Using OceanLotus's macOS activity as a use case, we'll walk through how organizations can use ATT&CK as a focal point to improve their threat intelligence, detection analytics, adversary emulation and defensive planning.

Presenters:

  • Adam Pennington - ATT&CK Director at The MITRE Corporation
    Adam Pennington leads ATT&CK at The MITRE Corporation and collected much of the intelligence leveraged in creating ATT&CK’s initial techniques. He has spent much of his 13 years with MITRE studying and preaching the use of deception for intelligence gathering. Prior to joining MITRE, Adam was a researcher at Carnegie Mellon's Parallel Data Lab and earned his BS and MS degrees in Computer Science and Electrical and Computer Engineering as well as the 2017 Alumni Service Award from Carnegie Mellon University. Adam has presented and published in a number of venues including FIRST CTI, USENIX Security, DEF CON, and ACM Transactions on Information and System Security.
  • Cat Self - Lead Adversary Emulation Engineer at The MITRE Corporation
    Cat Self is an Adversary Emulation Engineer at The MITRE Corporation and works as the macOS ATT&CK Lead, researching macOS-specific malware, advanced persistent threat actors, and techniques. Cat previously worked as an internal red team operator, threat hunter, and developer at Target Corporate. Cat is an Airborne Military Intelligence veteran with a passion for mentorship, researching all things Apple, and hiking mountains in foreign lands.
