BEGIN:VCALENDAR VERSION:2.0 PRODID:IEEE vTools.Events//EN CALSCALE:GREGORIAN BEGIN:VTIMEZONE TZID:US/Eastern BEGIN:DAYLIGHT DTSTART:20160313T030000 TZOFFSETFROM:-0500 TZOFFSETTO:-0400 RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3 TZNAME:EDT END:DAYLIGHT BEGIN:STANDARD DTSTART:20161106T010000 TZOFFSETFROM:-0400 TZOFFSETTO:-0500 RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11 TZNAME:EST END:STANDARD END:VTIMEZONE BEGIN:VEVENT DTSTAMP:20160911T224619Z UID:22E76242-AF5A-11E5-A050-0050568D2FB3 DTSTART;TZID=US/Eastern:20161025T173000 DTEND;TZID=US/Eastern:20161025T194500 DESCRIPTION:Understanding Cyber Adversaries with ATT&CK – The Post-Exploi t Threat Model\nPresented by Dr. Andy Applebaum\, Senior Cyber Security En gineer\, MITRE\nTuesday\, October 25\, 2016\n5:30 – 6:30 PM – Networki ng & Open House 6:30 – 7:30 PM - Program 7:30 – 7:45 PM – Announceme nts There is no cost to attend at McLean or Silver Spring\n\nRecent breach es have shown an ugly truth: determined adversaries will get into your net work. This talk will present the MITRE-developed Adversarial Tactics\, Tec hniques & Common Knowledge (ATT&CK)\, a framework for describing the actio ns an adversary may take while operating within an enterprise network afte r they compromise it. ATT&CK provides a common way to characterize and des cribe post-compromise adversary behavior and\, unlike other models\, was d eveloped via red teaming and analyzing public cyber threat intelligence re ports: the tactics and techniques in ATT&CK are real ones that adversaries have used in the wild. Using ATT&CK\, security personnel can better under stand and prepare for what adversaries are doing after they breach a netwo rk’s defenses\, benefitting business owners and network managers in the process. In this presentation\, we will outline the key features of ATT&CK \, describing the tactics\, techniques\, groups\, and software that make u p ATT&CK\, and outlining lessons learned using the model\, including data- based takeaways from ATT&CK and potential use cases. Topics covered will i nclude using ATT&CK for red teaming\, defensive gap analysis\, threat repo rting with ATT&CK\, and information sharing.\nDr. Andy Applebaum is a Seni or Cyber Security Engineer at The MITRE Corporation\, where he works on in ternal and sponsor-facing projects. His current research areas include off ensive and defensive security automation\, applying formal methods to thre at modeling\, and reasoning under uncertainty. He obtained his Ph.D. in co mputer science from the University of California Davis\, where his dissert ation topic was using argumentation logic for reasoning in cyber security\ , including firewall configuration management\, secure network administrat ion\, and alert correlation. He has a B.A. in computer science from Grinne ll College.\n\nJoin online meeting: https://asq509.webex.com/asq509/j.php? MTID=mbe1b51c2d4c0cc7126819b7acedf6218\n\nMeeting number: 805 274 863 Meet ing password: g3c27D2b\n\nJoin by Phone: 1-650-479-3208 Call-in toll numbe r (US/Canada) Access Code: 805 274 863\n\nCo-sponsored by: ASQ 509 SW SIG\ n\nSpeaker(s): \, \, \, \n\nAgenda: \nTuesday\, October 25\, 2016\n5:30 – 6:30 PM – Networking & Open House\n\n6:30 – 7:30 PM - Program\n\n7 :30 – 7:45 PM – Announcements\n\nBldg: MITRE-2 Building\, Room 1N100\, 7515 Colshire Drive\, McLean\, Virginia\, United States\, 22102 LOCATION:Bldg: MITRE-2 Building\, Room 1N100\, 7515 Colshire Drive\, McLean \, Virginia\, United States\, 22102 ORGANIZER:SoftwareSIG@asq509.org SEQUENCE:6 SUMMARY:Understanding Cyber Adversaries with ATT&CK – The Post-Exploit Th reat Model URL;VALUE=URI:https://events.vtools.ieee.org/m/37617 X-ALT-DESC:Description: <br /><p><strong>Understanding Cyber Adversaries wi th ATT&amp\;CK &ndash\; The Post-Exploit Threat Model</strong> <br />Prese nted by Dr. Andy Applebaum\, Senior Cyber Security Engineer\, MITRE <br /> Tuesday\, October 25\, 2016 <br />5:30 &ndash\; 6:30 PM &ndash\; Networkin g &amp\; Open House 6:30 &ndash\; 7:30 PM - Program 7:30 &ndash\; 7:45 PM &ndash\; Announcements There is no cost to attend at McLean or Silver Spri ng</p>\n<p>Recent breaches have shown an ugly truth: determined adversarie s will get into your network. This talk will present the MITRE-developed A dversarial Tactics\, Techniques &amp\; Common Knowledge (ATT&amp\;CK)\, a framework for describing the actions an adversary may take while operating within an enterprise network after they compromise it. ATT&amp\;CK provid es a common way to characterize and describe post-compromise adversary beh avior and\, unlike other models\, was developed via red teaming and analyz ing public cyber threat intelligence reports: the tactics and techniques i n ATT&amp\;CK are real ones that adversaries have used in the wild. Using ATT&amp\;CK\, security personnel can better understand and prepare for wha t adversaries are doing after they breach a network&rsquo\;s defenses\, be nefitting business owners and network managers in the process. In this pre sentation\, we will outline the key features of ATT&amp\;CK\, describing t he tactics\, techniques\, groups\, and software that make up ATT&amp\;CK\, and outlining lessons learned using the model\, including data-based take aways from ATT&amp\;CK and potential use cases. Topics covered will includ e using ATT&amp\;CK for red teaming\, defensive gap analysis\, threat repo rting with ATT&amp\;CK\, and information sharing. <br />Dr. Andy Applebaum is a Senior Cyber Security Engineer at The MITRE Corporation\, where he w orks on internal and sponsor-facing projects. His current research areas i nclude offensive and defensive security automation\, applying formal metho ds to threat modeling\, and reasoning under uncertainty. He obtained his P h.D. in computer science from the University of California Davis\, where h is dissertation topic was using argumentation logic for reasoning in cyber security\, including firewall configuration management\, secure network a dministration\, and alert correlation. He has a B.A. in computer science f rom Grinnell College.</p>\n<p>&nbsp\;</p>\n<p>Join online meeting: https:/ /asq509.webex.com/asq509/j.php?MTID=mbe1b51c2d4c0cc7126819b7acedf6218</p>\ n<p>Meeting number: 805 274 863 Meeting password: g3c27D2b &nbsp\;</p>\n<p >Join by Phone: &nbsp\;1-650-479-3208 Call-in toll number (US/Canada) Acce ss Code: &nbsp\;805 274 863&nbsp\;</p><br /><br />Agenda: <br /><p>Tuesday \, October 25\, 2016 <br />5:30 &ndash\; 6:30 PM &ndash\; Networking &amp\ ; Open House</p>\n<p>6:30 &ndash\; 7:30 PM - Program</p>\n<p>7:30 &ndash\; 7:45 PM &ndash\; Announcements</p> END:VEVENT END:VCALENDAR