This is the base. MITRE ATT&CK
There is a huge amount of useful content about the MITRE ATT&CK project on the Internet, so where should a beginner start? To reduce the time spent searching and reading (material is often reprinted from one source to another), I collected and aggregated articles, videos and books so that you can get to know the project step by step.
For beginners
Read:
Translation of the official MITRE ATT&CK FAQ
Review articles about the project on Hacker.ru and from F5
Legendary article: Githubification of information security
Official MITRE ATT&CK: Design and Philosophy
Learn:
Official Get Started and CTI trainings
Touch:
MITRE ATT&CK in Russian from PT and from SECURITM (both matrices are outdated and do not take into account the major update of the project in November 2023)
Browse:
MITRE ATT&CK for dummies from AttackIQ
Watch:
Breaking down attacks based on MITRE. My talk at CyberCamp 2022
Workshop: MITRE ATT&CK Fundamentals from FIRST
MITRE ATT&CK Fundamentals by Cybrary
For those who continue
Read:
Description of tactics and techniques in Russian from bassmack. The material is very outdated, but many of the techniques are foundational, so the material is excellent
MITRE ATT&CK R&D projects for those who want to dig deeper
Best Practices for MITRE ATT&CK® Mapping: provides an understanding of the methodology for identifying techniques
MITRE Engenuity channel on Medium
Official project page on Medium
Proceedings of the annual ATT&CKCON conference
Browse:
Aligning Security Operations with the MITRE ATT&CK Framework (book; looked for on the Internet once or twice instead of buying on Amazon)
Watch:
Consolidate knowledge
Mad20.io — MAD20™ training courses and certifications based on the MITRE ATT&CK Defender™ program. Last year, all courses could be viewed for free on Cybrary, but now everything has moved to this resource; a subscription is $499 per year.
The above selection can be expanded exponentially, since you can dive headlong into each individual topic (Threat Modeling, SOC Assessment, Adversary Emulation, etc.), and there is enough material here for several hours of getting acquainted with the project. If you know other cool materials, write in the comments.
Alexander Morkovchin
Head of the Consulting Department of the Information Security Center at Jet Infosystems