Building a Daily Threat Simulation Tool with Todd Beebe

In the latest episode of our podcast, Security Nation, we sat down to talk with Todd Beebe about the automated threat simulation system that he built for his current employer. Todd is the information security officer for an oil and gas company in Texas. He’s been working in information security since the early ’90s, and cut his teeth doing penetration tests on companies through dial-up modems. He was also part of the team that built the first web application firewall to successfully defend servers from attacks like Code Red and Nimda.

Needless to say, he has a lot of experience in vulnerability management and security. Here is our recap of the podcast:

Todd was initially brought into his company to build a security program. His first initiative was to determine where he had control over his assets and what attacks were (or weren’t) being detected. Todd and his new team leveraged the MITRE ATT&CK framework to build a daily threat simulation tool.


The MITRE ATT&CK framework breaks an attack down into categories or phases. For instance, the attack may start with initial access and move to gaining access, privilege escalation, lateral movement, and then data exfiltration. This provides a much wider view into the similarities in the actions attackers use to break in, regardless of who they are or where they come from. With this kind of visibility, Todd and his team were able to mimic what attackers actually do and see whether their defenses protected against those actions.


In order to build the simulation tool, Todd and his team used existi ..
