11

Implementing ATT&CK in All Parts of Your SOC

This chapter outlines how to narrow down your environment and prioritize where coverage needs to be fixed. It then describes how you can implement detections and the ATT&CK framework as part of your overall security posture, and how the framework applies to teams outside of the SOC as well. This chapter covers the following topics:

  • Examining a risk register at the corporate level
  • Applying ATT&CK to NOC environments
  • Mapping ATT&CK to compliance frameworks
  • Using ATT&CK to create organizational policies and standards

Technical requirements

This chapter requires no installations or specific technologies.

Examining a risk register at the corporate level

As discussed ...

Get Aligning Security Operations with the MITRE ATT&CK Framework now with the O’Reilly learning platform.
