Catch up on the latest developments in cybersecurity from MITRE’s leading experts and find out how to apply new tools and technologies in your own work environment.
BY REID GILMAN - POSTED ON APRIL 26TH, 2013
SANS held its first Cyber Threat Intelligence Summit, bringing together network defenders confronting advanced cyber adversaries. Presenters and panelists shared the latest approaches to intelligence in the face of an ever-advancing cyber adversary. I had the privilege of speaking at this event and want to share my thoughts on it. read more >>
BY STEPHEN DICATO - POSTED ON APRIL 16TH, 2013
Wesley Shields: Today we're taking a detour from our regular ChopShop posts to talk about another one of MITRE's open source projects: Yaraprocessor. Stephen DiCato will be illustrating how the yarashop module for ChopShop can be used to scan network streams with Yaraprocessor. read more >>
BY COREY KALLENBERG - POSTED ON APRIL 5TH, 2013
We've all heard the adage that in order to be effective in defense, you have to think "red:" by thinking like an adversary, you can be a better defender. In cyber defense, by knowing more about how software can be exploited, we can build more secure code to begin with. read more >>
BY NATE ADAMS - POSTED ON MARCH 27TH, 2013
Hot off the success of ShmooCon 2013, where the Open Security Training community rallied colleagues to become instructors, we're talking with Nate Adams. read more >>
BY WESLEY SHIELDS - POSTED ON MARCH 22ND, 2013
As we continue to talk about the tools useful for active cyber defense, we don't want to lose sight of the role they also play in cyber threat intelligence. read more >>
BY XENO KOVAH - POSTED ON MARCH 14TH, 2013
We'd like to thank the conference organizers of ShmooCon for letting us host the "Train the Trainer" sessions this year. read more >>
BY DREW BUTTNER - POSTED ON MARCH 6TH, 2013
Many cyber threats need a weakness to exploit. Typically that weakness is a software flaw in an application that can be exploited to compromise the integrity of a host system and unleash a cyber-attack within a company. read more >>
BY WESLEY SHIELDS - POSTED ON FEBRUARY 21ST, 2013
In the previous two posts I talked about the why of ChopShop and the what of ChopShop modules. In this post I'll talk about the how of a very simple module. read more >>
Cyber Training: Rootkits
BY XENO KOVAH - POSTED ON FEBRUARY 11TH, 2013
This is the fourth in a series of posts about internally developed computer security training classes that have been taught at MITRE (Technical Training) and have been publicly released. read more >>
BY XENO KOVAH - POSTED ON JANUARY 24TH, 2013
ShmooCon has agreed to do something a little different this year. Unlike many conferences, ShmooCon has avoided offering paid training. This year we proposed to host a "Train the Trainer" event, and they accepted. read more >>
BY WESLEY SHIELDS - POSTED ON JANUARY 18TH, 2013
The annual ShmooCon hacker convention will be held February 15-17, 2013 in Washington DC. CND tool developers and cyber defenders might be interested in three MITRE presentations. read more >>
BY XENO KOVAH - POSTED ON JANUARY 18TH, 2013
This is the third in a series of posts about internally developed computer security training classes that have been taught within MITRE (Technical Training) and have been publicly released. read more >>
BY WESLEY SHIELDS - POSTED ON JANUARY 4TH, 2013
In the first post, we introduced why Chopshop, a network protocol analyzer framework, can be a useful tool in decoding network traffic for incident response. In this second part, we'll discuss how writing additional modules can extend Chopshop. read more >>
BY XENO KOVAH - POSTED ON JANUARY 4TH, 2013
This is the second in a series of posts about internally developed computer security training classes that have been taught within MITRE (Cyber Training) and have been publicly released.
In this post, the editor continues an interview with Xeno Kovah about his 2-day training class, Intermediate Intel x86: Assembly, Architecture, and Applications, released to the Open Training community. read more >>
BY WESLEY SHIELDS - POSTED ON NOVEMBER 27TH, 2012
Performing network defense can be a daunting task. In an incident response scenario you must be able to answer questions such as, "What happened, and what data left our network?" Assuming you have packet capture from the incident, being able to answer these questions hinges on your ability to understand the protocols in question. If it's a common protocol that Wireshark has decoding capability for, then answering those questions is as easy as using Wireshark. But what do you do when it's a protocol Wireshark doesn't know how to decode? Well, you have to do it yourself. read more >>
BY XENO KOVAH - POSTED ON NOVEMBER 27TH, 2012
This is the first in a series of posts that will describe our drive to release internally developed computer security training classes that originated at MITRE.
In this post, the editor shares an interview with Xeno Kovah about his two-day training class, Introductory Intel x86: Assembly, Architecture, and Applications, released to the Open Training community. read more >>