Dec 10, 2015

#MITRE has a Matrix that classifies the various ways that your network can be compromised. It shows all the post-exploitation categories from 'Persistence' to 'Privilege Escalation'. It's a nice way to organize all the information.

This week, Mr. Boettcher and I go over "#Persistence" and "#Command and #Control" sections of the Matrix. 

Every person who attacks you has a specific method that they use to get and keep access to your systems, it's as unique as a fingerprint. Threat intelligence companies call it TTP (#Tactics, #Techniques, and #Procedures), we also discuss the Cyber #KillChain, and where it came from.

#ATT&CK Matrix: https://attack.mitre.org/wiki/Main_Page

Tactics, Techniques, and Procedures (shows patterns of behavior) https://en.wikipedia.org/wiki/Terrorist_Tactics,_Techniques,_and_Procedures

http://www.lockheedmartin.com/content/dam/lockheed/data/corporate/documents/LM-White-Paper-Intel-Driven-Defense.pdf -- Cyber Kill Chain paper that inspired the ATT&CK Matrix

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2015-051-ATTACK_Matrix.mp3

iTunes: https://itunes.apple.com/us/podcast/2015-051-mitres-att-ck-matrix/id799131292?i=358670845&mt=2

TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/

BrakeSec Podcast Twitter: http://www.twitter.com/brakesec

Join our Patreon!: https://www.patreon.com/bds_podcast

Comments, Questions, Feedback: bds.podcast@gmail.com