Improve Your Security Operations Center with the MITRE ATT&CK Framework

Price: $31.99
(as of May 21,2023 02:33:20 UTC – Details)

The Mitre ATT&CK framework is an excellent resource for all Security Operations Centers (SOC), but often the challenge is implementing it for different use cases. This book presents practical examples that will help you align your SOC with the ATT&CK framework for successful implementation.

In addition, when you purchase the printed or Kindle version of this book, you get a free PDF eBook version.

Key Features

Gain a deeper understanding of the Cloud, Windows, and Network ATT&CK frameworks
Assess the attack potential and implement frameworks aligned with the Mitre ATT&CK
Bridge security gaps to detect and respond to all security threats

Book Description

The book provides a comprehensive guide that helps SOC managers, analysts, security consultants, CISOs, and security engineers improve their organization’s security posture. It incorporates new techniques for managing the modern security threats and furnishes the reader with the tools and knowledge to advance in their security career.

The first section of the book helps you identify your SOC environment’s strengths and weaknesses and how the ATT&CK framework can improve it. The second section discusses the implementation of the framework to fill the security gaps identified, accelerating the process without additional external resources’ need. Finally, the book provides insights into the world of active SOC managers and practitioners who use the ATT&CK framework, giving you expert guidance, best practices, and ways to continuously enhance your SOC.

By reading this book, you’ll gain insights on how to assess your SOC environment, implement the ATT&CK framework, and advance in your security career.

What You Will Learn

Gain a deeper understanding of the Mitre ATT&CK framework
Avoid common implementation mistakes and provide maximum value
Create efficient detections that align with the framework
Implement continuous improvements on detections and review ATT&CK mapping
Discover how to optimize SOC environments with automation
Review different threat models and their use cases

Who This Book Is For

This book is an essential resource to SOC managers, security analysts, CISOs, security engineers, and security consultants who aim to improve their organization’s security posture. However, it requires basic knowledge of Mitre ATT&CK and an in-depth understanding of triage and detections.

Table of Contents

SOC Basics – Structure, Personnel, Coverage, and Tools
Analyzing Your Environment for Potential Pitfalls
Reviewing Different Threat Models
What is the ATT&CK Framework?
A Deep Dive into the ATT&CK Framework
Strategies to Map to ATT&CK
Common Mistakes with Implementation
Return on Investment Detections
What Happens After an Alert is Triggered?
Validating Any Mappings and Detections
Implementing ATT&CK in All Parts of Your SOC
What’s Next? Areas for Innovation in Your SOC

Publisher ‏ : ‎ Packt Publishing (May 19, 2023)
Language ‏ : ‎ English
Paperback ‏ : ‎ 192 pages
ISBN-10 ‏ : ‎ 1804614262
ISBN-13 ‏ : ‎ 978-1804614266
Item Weight ‏ : ‎ 12 ounces
Dimensions ‏ : ‎ 7.5 x 0.44 x 9.25 inches