CTO Sessions: The Underappreciated Tactic of MITRE ATT&CK Framework - Collection
Databases are key targets for hackers looking to steal data. However, there is insufficient emphasis by the MITRE ATT&CK Framework on the Collection tactic regarding access of data from a database.
Hackers collect data through eavesdropping/man in the middle attacks of data in transit, by capturing data at the point of collection (such as point of sale devices), exfiltrating files containing sensitive data, etc. But the motherlode is the database. By watching how and what data is accessed from a database it is possible to determine whether such access constitutes an attempted data theft. This is the equivalent of catching a bank robber in the vault.
This webcast covered more about the database gaps in the current MITRE ATT&CK Framework. Our speakers discussed:
- What a Security Operations Center (SOC) engineer should know about database security
- Database Security using the MITRE ATT&CK Framework
- How to effectively monitor and detect security events in database environments
- Proposed new Technique for Collection Tactic of ATT&CK
Speaker and Presenter Information
Gina Scinta, Deputy CTO, Thales TCT
Rich Johnson, Imperva Principal Sales Engineer, Thales TCT
Relevant Government Agencies
Other Federal Agencies, Federal Government, State & Local Government
Event Type
On-Demand Webcast
This event has no exhibitor/sponsor opportunities
Cost
Complimentary: $ 0.00
Website
Click here to visit event website
Event Sponsors
Organizer
Thales TCT Government Team at Carahsoft
