cybersecurity thought leadership
MITRE ATT&CK: The Magic of Endpoint Protection
In our first blog, we introduced the Magic of Mitigations. They’re the key to getting started with MITRE ATT&CK. Now let’s look at some of the most magical ones, starting today with Behavior Prevention on Endpoint (M1040), Exploit Protection (M1050) and Execution Prevention (M1038). Wait, what’s the difference? At a quick glance, they might all […]
MITRE ATT&CK: The Magic of Mitigations
When learning new things, sometimes we need to slow down and take it all in. For me, understanding MITRE ATT&CK was like that. Sure, the notion of thinking like an attacker made sense, and its structure was clear. Then came the “now what?” moment. Soon I discovered the key to getting started. May I share it with you?
RSA Conference® 2020 Security Operations Center Findings Report
Find out about all the fishy (and sometimes tawdry) activity the RSAC SOC team witnessed while monitoring the Moscone Center’s public wireless network in our new report.