CYBERSEC 2022 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy. I Agree
SESSION
09/22 15:30 - 16:00 FINSEC Forum
The gap between realistic risk and ATT&CK
The MITRE ATT&CK framework, as a general knowledge base framework based on observing real-world attacker tactics and techniques, has been widely used in enterprises, governments, communities, and security products effectiveness. Even through ATT&CK, companies can learn about the TTPs used by different threat groups and then reflect on the projects that companies are currently threatening and should even prioritize.
However, these TTPs come from the investigation and analysis of real-world hacking attacks. If only these known attack techniques and tools are used to deduce the risks of real enterprises, it may fall into the misunderstanding of the consequences, such as using specific APTs. The organization's habitual skills are mainly used to test the defense ability of the enterprise, but ignore the fact that the enterprise actually has more high-risk vulnerabilities that are easy to be exploited. This talk will share the mindset and suggested ways of using ATT&CK correctly, and avoid misplaced defense resources by chasing potential attackers aimlessly
SPEAKER
Allen Own is the Executive Director of Hacker in Taiwan Association and CEO of DEVCORE. Allen is not only experienced in hacker technique research and penetration testing but also serves as a full-time lecturer and consultant for academic and government organizations. He is keen on community management and sharing. Allen specializes in website application security, penetration testing, professional education, and training in the cybersecurity field.