Paul's Security Weekly Subscribe

Threat Management

2020 MITRE ATT&CK Malware Trends – Greg Foss – PSW #653

May 28, 2020

The MITRE ATT&CK framework has had a major impact on the cybersecurity industry and has given a defenders a haystack in which to focus their defensive efforts. What’s most interesting, perhaps, is where and how these TTPs intersect and how we can use that information to determine patterns and disrupt attacks by analyzing historical datasets.

Full episode and show notes

Announcements

Join us at InfoSecWorld 2020 - June 22nd-24th now a fully virtual event! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code!

Guest

Senior Threat Researcher at VMware Carbon Black

Greg Foss is a Senior Threat Researcher with VMware Carbon Black’s Threat Analysis Unit (TAU) where he focuses on detection engineering, security efficacy, and bypasses across the diverse product line. In previous roles, Greg led a Threat Research team, built and ran a Global Security Operations program, consulted in penetration testing, and worked as a security analyst for the federal government. Greg is a very active member of the Denver information security community who loves to give back and support the industry.

Hosts

Paul Asadoorian

Principal Security Researcher at Eclypsium

https://securitypodcaster.com

Sr. InfoSec Consultant at Online Business Sytems

https://www.obsglobal.com/

Security Analyst at Black Hills Information Security

https://www.blackhillsinfosec.com/team/joff-thyer/

Product Security Research and Analysis Director at Finite State

@haxorthematrix

https://www.finitestate.io/

https://breakstuffforfun.com/

Retired Senior Cyber Advisor at Lawrence Livermore National Laboratory

Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

http://darkelement.io/

Related

Security Architecture

Hacker Heroes – Haroon Meer – PSW Vault

December 25, 2024

Unraveling Cybersecurity Complexity: A Conversation with Haroon Meer Haroon Meer, an influential figure in the world of cybersecurity, takes center stage in this podcast interview. With a deep reservoir of knowledge and a track record of tackling complex security challenges, Haroon has established himself as a key player in the InfoSec domain. ...

Risk Assessments/Management

D3FEND 1.0: A Milestone in Cyber Ontology – Peter Kaloroumakis – ESW #388

December 19, 2024

Since D3FEND was founded to fill a gap created by the MITRE ATT&CK Matrix, it has come a long way. We discuss the details of the 1.0 release of D3FEND with Peter in this episode, along with some of the new tools they've built to go along with this milestone. To use MITRE's own words to describe the gap this project fills: "it is necessary tha...

Deloitte, e-Tattoos, Cp3o, Chemonics, IPv6, 6, Chinese Emperors, Aaran Leyland… – SWN #435

December 6, 2024

Deloitte, e-Tattoos, Web 3.0, Cp3o, Chemonics, IPv6, the Number 6, Chinese Emperors, Aaran Leyland, and More, on this edition of the Security Weekly News.