Cybrary

MITRE ATT&CK Defender™ ATT&CK® Adversary Emulation

via Cybrary

Overview

Who should take this course?

This course is designed for experienced and skilled cybersecurity practitioners who are interested in emulating real-world threats to assess cybersecurity effectiveness.

What are the prerequisites for this course?

You will gain the most benefit from this course if you have mastered the following:

  • MITRE ATT&CK® Defender™ (MAD) ATT&CK Fundamentals Training
  • Proficient in administering Windows and Linux systems from the command line
  • Proficient in basic networking concepts (OSI Model and TCP/IP)
  • Proficient in virtual machine software such as VMware or VirtualBox
  • Familiar with common red team/pentester software and techniques (examples: Kali Linux distribution, Metasploit, Nmap, Mimikatz, etc.)

Why should I take this course?

In this course, you will gain the following capabilities:

  • Understand cyber adversary emulation’s purpose, its characteristics, and common use cases.
  • Leverage the MITRE ATT&CK Framework to inform adversary emulation planning activities, including defining engagement objectives, scope, and rules of engagement.
  • Use cyber threat intelligence to select emulated threats of salient interest to the sponsor organization.
  • Implement adversary emulation tactics, techniques, and procedures (TTPs) based on real-world cyber threats.
  • Execute adversary TTPs to assess and improve cybersecurity, while balancing realism against time and safety constraints.
  • Use the MITRE ATT&CK Framework to communicate adversary emulation activities, findings, and recommendations for improvement.

What makes this course different from other courses on similar topics?

This course is part of the MITRE ATT&CK® Defender™ (MAD) cybersecurity training and certification program produced by MITRE's own subject matter experts. The lead instructor for this course, Michael C. Long II, is a principal cyber adversary emulation engineer at MITRE and is truly an expert in this field. You will be learning how to leverage ATT&CK for adversary emulation from the people who created the ATT&CK framework.

Why should I take this course on Cybrary and not somewhere else?

This course enables you to learn from one of the foremost experts in the field, and our on-demand format affords you the flexibility to learn at your own pace.

Syllabus

  • Adversary Emulation Fundamentals
    • Adversary Emulation Course Introduction
    • Introducing Adversary Emulation
    • Adversary Emulation Overview
    • Adversary Emulation Framework
    • Defining Engagement Objectives
    • Introducing the Adversary Emulation Plan
    • Lab: Touring the CTID Adversary Emulation Library
    • Optional Lab: Setting up Your Own Lab Environment
    • Executing the FIN6 Adversary Emulation Plan (Lab 1.3)
  • Researching Adversary TTPs
    • Adversary Emulation - Welcome to Module 2
    • Researching Adversary TTPs
    • Selecting the Emulated Threat
    • Selecting the Emulated TTPs
    • Constructing the TTP Outline
    • Addressing Intelligence Gaps
  • Adversary Emulation Planning
    • Planning Overview
    • Defining Scope, Rules of Engagement, and Approving Authorities
  • Implementing Adversary TTPs
    • Implementing TTPs Overview
    • TTP Implementation Process
    • Planning TTP Implementations (Lab 4.1 Overview)
    • Planning TTP Implementations (Lab 4.1 Walkthrough)
    • Implementing Adversary TTPs (Lab 4.2 Overview)
    • Implementing Adversary TTPs (Lab 4.2 Walkthrough)
    • Automating Adversary TTPs (Lab 4.3 Overview)
    • Automating Adversary TTPs (Lab 4.3 Walkthrough)
    • Identifying Detections and Mitigations (Lab 4.4 Overview)
    • Identifying Detections and Mitigations (Lab 4.4 Walkthrough)
  • Executing Adversary TTPs
    • Executing Adversary TTPs Overview
    • Dealing with Unexpected Situations
    • Documenting Adversary Emulation Activities
    • Developing an Adversary Emulation Plan (Lab 5.1 Overview)
    • Developing an Adversary Emulation Plan (Lab 5.1 Walkthrough)
    • Adversary Emulation Course Wrap-up

Taught by

Michael C. Long II and Govardhen Arunagiri
