There’s no denying that today’s cybersecurity professionals are facing increased exposure to cyber threats. The reality is that the cybersecurity landscape has drastically changed since the beginning of 2020. Security teams big and small are struggling to balance existing and new priorities while ensuring that their security strategy is built on prevention, detection and response.
In an upcoming webinar on November 18, "Sp(e)lunking Security with MITRE ATT&CK®," guest speaker Chris Kissel, research director for security and trust products at IDC, and Bryan McAninch, senior solutions engineer at Splunk, will share their insights to help security teams maintain and increase the efficacy of their security program. This is more important than ever as COVID-19 rewrites cybersecurity rules, our home and work environments mix, and businesses must reiterate security fundamentals within organizations, including alignment to frameworks such as MITRE ATT&CK.
The MITRE ATT&CK Framework and Splunk SIEM
While you might not be chit-chatting with your security analysts and SOC managers at the office water cooler, they are still working tirelessly to strengthen their organizations’ defenses by understanding risks and streamlining and automating their processes. As a result, many security teams are finding that there is a growing need to modernize their security operations centers (SOCs) and equip their security operations with more robust tools and efficient processes.
MITRE’s ATT&CK framework is one avenue SOC teams can take to reinforce their security operations. The framework, which is based on real-world cyber-attack observations, is ideal for security teams to adopt because it continuously evolves with the threat landscape. Security teams can take their security strategy a step further by complementing the framework with an analytics-driven SIEM technology such as Splunk Enterprise Security to enhance their security risk management and gain operational visibility. Analysts can implement the ATT&CK framework to map defensive security controls, enhance collaboration within their SOC, identify definable behaviors for adversarial simulation and validate mitigation and remediation capabilities. This allows security teams to stay ahead of adversaries while getting the most value from their data.
Take a deeper dive into these topics on November 18 at 10 a.m. PT/1 p.m. ET with Chris Kissel and Bryan McAninch. Register for the webinar today and learn how to:
- Gain valuable insights into which key technologies organizations should consider
- Maintain a resilient cybersecurity posture and effective frameworks
- Increase the efficacy of your SOC or security program
- Get the most value from a Splunk and MITRE ATT&CK integration
- Gain security operations and visibility through effective security incident response
- Streamline your incident response processes to enhance your security risk management