This is the base. MITRE ATT&CK

There is a huge amount of useful content about the MITRE ATT&CK project on the Internet, so where should a beginner start? To reduce the time spent searching and reading (much of the material is reprinted from one source to another), I collected and aggregated articles, videos and books so that you can get to know the project step by step.

For beginners

Read:

Translation of the official MITRE ATT&CK FAQ

Review articles about the project on Hacker.ru and from F5

Legendary article: Githubification of information security

Official MITRE ATT&CK: Design and Philosophy

Learn:

Official Get Started and CTI trainings

Try hands-on:

MITRE ATT&CK in Russian from PT and from SECURITM (both matrices are outdated and do not take into account the major update of the project in November 2023)

Browse:

MITRE ATT&CK for Dummies from AttackIQ

Watch:

We break down attacks based on MITRE. My talk at CyberCamp 2022

Workshop: MITRE ATT&CK Fundamentals from FIRST

MITRE ATT&CK Fundamentals by Cybrary

For those who continue

Read:

Description of tactics and techniques in Russian from bassmack. The material is very outdated, but many of the techniques are fundamental, so it is still excellent

MITRE ATT&CK R&D projects for those who want to dig deeper

Best Practices for MITRE ATT&CK® Mapping: provides an understanding of the methodology for identifying techniques

MITRE-Engenuity channel on Medium

Official project page on Medium

Proceedings of the annual ATT&CKCON conference

Browse:

The book Aligning Security Operations with the MITRE ATT&CK Framework (can be found on the Internet with a search or two instead of buying it on Amazon)

Watch:

How to use ATT&CK Navigator

Consolidate knowledge

Mad20.io: MAD20™ training courses and certifications based on the MITRE ATT&CK Defender™ program. Last year, all courses could be viewed for free on Cybrary, but now everything has moved to this resource; a subscription costs $499 per year.

The above selection can be expanded exponentially, since you can dive headlong into each individual topic (Threat Modeling, SOC Assessment, Adversary Emulation, etc.), and there is enough material for several hours of getting acquainted with the project. If you know other cool materials, write in the comments.

Alexander Morkovchin

Head of the Consulting Department of the Information Security Center at Jet Infosystems
