Recently I partnered up with Kevin Kline (SentryOne blog | twitter) and SentryOne to record a webinar on learning from data breaches. We start by talking about Mitre’s ATT&CK framework. Then we move in to a selected set of data breaches applying the ATT&CK framework to understand the basic tactics and techniques which were successful in each breach and what mitigation steps could have been taken to prevent the unintended access, or at least, make it more difficult. This is the first of a two part series, so this is an overview of what were the issues, what were done, and how generally accepted security best practices could have made a huge difference.
For the US, the initial presentation will be April 15 at 11:30 AM Eastern. For EMEA, it’ll be April 16 at 11:00 AM Central European Summer Time.