{"id":90263,"date":"2022-11-18T17:08:47","date_gmt":"2022-11-18T17:08:47","guid":{"rendered":"https:\/\/nursingstudybay.com\/?p=90263"},"modified":"2022-11-18T17:08:49","modified_gmt":"2022-11-18T17:08:49","slug":"mitre-attck-website-2","status":"publish","type":"post","link":"https:\/\/www.colapapers.com\/assessments\/mitre-attck-website-2\/","title":{"rendered":"Mitre ATT&amp;CK website"},"content":{"rendered":"<p>Mitre ATT&amp;CK website.<\/p>\n<p>Each case study should have a minimum of 900 words double-spaced, Times New Roman font type and 12pt font size. (With that in mind, 900 typed words is about three pages, not including the title and reference pages).&nbsp;Case studies must be formatted according to APA guidelines using a MS Word document and include at least three (3) references that support your work.<\/p>\n<p>For this case study, you will use the Mitre ATT&amp;CK website. This is a global knowledge base of adversary tactics and techniques based on real-world observations. The ATT&amp;CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community.&nbsp;Cyber threat intelligence is all about knowing what your adversaries do and using that&nbsp;information to improve decision-making. For an organization with just a couple of analysts&nbsp;that wants to start using ATT&amp;CK for threat intelligence, one way you can start is by taking&nbsp;a single group you care about and looking at their behaviors as structured in ATT&amp;CK.&nbsp;<\/p>\n<p>Mitre ATT&amp;CK&nbsp;&nbsp;-https:\/\/attack.mitre.org\/<\/p>\n<p>You should complete the following steps:<\/p>\n<p>Understand ATT&amp;CK&nbsp;\u2014 Familiarize yourself with the overall structure of ATT&amp;CK&nbsp;tactics (the adversary\u2019s technical goals), techniques (how those goals are achieved),&nbsp;and procedures (specific implementations of techniques). 
Take a look at the&nbsp;Getting&nbsp;Started&nbsp;page and&nbsp;Philosophy Paper.<br \/>\nFind the behavior&nbsp;\u2014 Think about the adversary\u2019s action in a broader way than just the&nbsp;atomic indicator (like an IP address) they used. For example, the malware in the above&nbsp;report \u201cestablishes a SOCKS5 connection.\u201d The act of establishing a connection is a&nbsp;behavior the adversary took.<br \/>\nResearch the behavior&nbsp;\u2014 If you\u2019re not familiar with the behavior, you may need to do&nbsp;more research. In our example, a little research would show that SOCKS5 is a Layer 5&nbsp;(session layer) protocol.<br \/>\nTranslate the behavior into a tactic&nbsp;\u2014 Consider the adversary\u2019s technical goal for that&nbsp;behavior and choose a tactic that fits. The good news: there are only&nbsp;12 tactics&nbsp;to&nbsp;choose from in Enterprise ATT&amp;CK. For the SOCKS5 connection example, establishing&nbsp;a connection to later communicate would fall under the&nbsp;Command and Control tactic.<br \/>\nFigure out what technique applies to the behavior&nbsp;\u2014 This can be a little tricky, but&nbsp;with your analysis skills and the ATT&amp;CK website examples, it\u2019s doable. If you search the&nbsp;website for SOCKS, the technique&nbsp;Standard Non-Application Layer Protocol&nbsp;(T1095)&nbsp;pops up. Looking at the technique description, you\u2019ll find this could be where&nbsp;our behavior fits.<br \/>\nWrite a report of your findings following the case study guidelines above.<br \/>\nMake sure to include at least four (4) references that support your work.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Mitre ATT&amp;CK website. Each case study should have a minimum of 900 words double-spaced, Times New Roman font type and 12pt font size. 
(With that in mind, 900 typed words is about three pages, not including the title and reference pages).&nbsp;Case studies must be formatted according to APA guidelines using a MS Word document and [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8420],"tags":[8448],"class_list":["post-90263","post","type-post","status-publish","format-standard","hentry","category-essay-example-pdf","tag-mitre-attck-website"],"_links":{"self":[{"href":"https:\/\/www.colapapers.com\/assessments\/wp-json\/wp\/v2\/posts\/90263","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.colapapers.com\/assessments\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.colapapers.com\/assessments\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.colapapers.com\/assessments\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.colapapers.com\/assessments\/wp-json\/wp\/v2\/comments?post=90263"}],"version-history":[{"count":0,"href":"https:\/\/www.colapapers.com\/assessments\/wp-json\/wp\/v2\/posts\/90263\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.colapapers.com\/assessments\/wp-json\/wp\/v2\/media?parent=90263"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.colapapers.com\/assessments\/wp-json\/wp\/v2\/categories?post=90263"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.colapapers.com\/assessments\/wp-json\/wp\/v2\/tags?post=90263"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}