ATT&CK Deep Dive: Lateral Movement

Donuts are just one of many ruses X-Force Red has up its sleeve. Tune into X-Force Red’s webinar on January 29 at 11am ET, to hear more real hacker stories. Find out how X-Force Red hackers have broken into companies worldwide, which tricks have worked and not worked, tools they have used, and what your company should do.

One of the hottest topics at RSA San Francisco 2019 was the Mitre ATT&CK framework. Along with the Lockheed-Martin Kill Chain, it has become a standard reference model for cybersecurity professionals. Specifically, it is used to describe each stage of an attack. Pen testers, security analysts and Security Operations Center (SOC) professionals must learn how to mature their operations, as well as hone the skills of red team and blue team workers.

If you’re keeping even half an eye on the InfoSec news cycle, you know how big of a problem phishing is. The annual Verizon data breach found again this year that phishing was the leading way for malware to enter networks, with the average company reporting that 94% of detected malware came in via email. Thirty-two percent of confirmed breaches started with phishing, again the most common tactic. It makes sense, then, that so much security awareness content out there is focused on this threat. Some vendors make their business on it almost completely, with this trend extending to the phishing simulator emerging as a key selling point for those in the security awareness business.

By 2019, the nonprofit group ISACA predicts a global shortage of two million cyber security professionals. Security can no longer work in a silo-- they now need to communicate across the business and balance the needs of multiple stakeholders from product line managers to ops teams. Outreach’s CISO, Martin Rues, knew finding a candidate with the combination of DevOps, Security and Cloud would be a time-consuming exercise with low yield. He decided to invest in his teams and create an apprenticeship program to “draft and develop” internal talent, and groom then into the Cloud SecOps role that we required. Join Martin on July 26th at 1pm EDT to learn how he developed the apprenticeship program to build internal cloud security talent.