Pen testing, Configuration management, Attack simulation, Patch Management, SOC

SCW #71

April 27, 2021



Richard Struse, Director of The Center for Threat-Informed Defense from MITRE Engenuity joins the SCW crew for a two-part interview!

- What is threat-informed defense and how does it relate to other aspects of cybersecurity?
- The importance of ATT&CK as a lens through which you can view your security posture.
- Center for Threat-Informed Defense R&D products aimed at helping defenders better assess the efficacy of the controls they have in place.

Visit https://www.securityweekly.com/scw for all the latest episodes!

Full Episode Show Notes

ATT&CK & CTID, Part 1

https://github.com/center-for-threat-informed-defense/attack-control-framework-mappings

Guests

Richard Struse

Richard Struse – Director, The Center for Threat-Informed Defense at MITRE Engenuity

Richard Struse is the founding director of The Center for Threat-Informed Defense, a collaborative public interest R&D initiative of MITRE Engenuity. Prior to co-founding the Center, he served as the Chief Strategist for Cyber Threat Intelligence at MITRE. In 2018, Mr. Struse was elected to serve on the board of directors of OASIS, a not-for-profit international standards and open-source organization where he also is the co-chair of the Cyber Threat Intelligence Technical Committee.

Previously, Mr. Struse served as the Chief Advanced Technology Officer for the U.S. Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC) where he was responsible for technology vision, strategy and implementation. Mr. Struse is the creator of the STIX and TAXII automated information sharing initiatives which have been widely adopted across the public and private sectors. In October 2014, Secretary of Homeland Security Jeh Johnson presented Mr. Struse with one of the department’s highest honors, the Secretary’s Award for Excellence, in recognition of his pioneering work on STIX and TAXII. Federal Computer Week recognized Mr. Struse as one of the “Federal 100” in recognition of his leadership role in the development of cyber threat intelligence technology standards.

Prior to joining DHS, Mr. Struse was Vice President of Research and Development at VOXEM, where he was responsible for the architecture, design and development of a high-performance, extreme high-reliability communications software platform that is in use in telecommunications systems around the world. He began his technical career at Bell Laboratories.

Hosts

Fredrick

Fredrick “Flee” Lee – CSO at Gusto

@fredrickl

Fredrick “Flee” Lee is the Chief Security Officer at Gusto, where he leads information and physical security strategies including consumer protection, compliance, governance and risk. Before Gusto, Lee spent more than 15 years leading global information security and privacy efforts at large financial services companies and technology startups, most recently as Square’s Head of Information Security. He previously held senior security and privacy roles at Bank of America, NetSuite and Twilio. Lee was born and raised in Mississippi and holds a bachelor’s degree in computer engineering from the University of Oklahoma.

Jeff Man

Jeff Man – #HackingisNotaCrime Advocate, Sr. InfoSec Consultant at Online Business Systems

@MrJeffMan

Cryptanalyst, infosec analyst, pioneering ex-NSA pen tester, PCI specialist and certified security curmudgeon. Currently a Sr. InfoSec Consultant for Online Business Systems.

Josh Marpet

Josh Marpet – COO at Red Lion

@quadling

COO of Red Lion
IANS Faculty
Blockchain Patent Holder
MISTI Instructor
Entrepreneurship Curmudgeon
Board Member BSidesDE
Board Member BSidesDC
Ex-cop and Fireman

Scott Lyons

Scott Lyons – CEO at Red Lion

@Csp3r

CEO at Red Lion

Announcements

  • Security Weekly listeners save $100 on their RSA Conference 2021 All Access Pass! RSA Conference will be a fully virtual experience from May 17th-20th, 2021. Security Weekly will be live streaming Monday-Thursday in the virtual broadcast alley, interviewing some of the top sponsors and speakers for the event. To register using our discount code, please visit https://securityweekly.com/rsac2021 and use the code 5U1CYBER! We hope to “see” you there!

  • Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our YouTube channel, sign up for our mailing list, join our Discord Server, and follow us on our newest live-streaming platform, Twitch!



Richard Struse, Director of The Center for Threat-Informed Defense from MITRE Engenuity joins the SCW crew for a two-part interview!

- What is threat-informed defense and how does it relate to other aspects of cybersecurity?
- The importance of ATT&CK as a lens through which you can view your security posture.
- Center for Threat-Informed Defense R&D products aimed at helping defenders better assess the efficacy of the controls they have in place.

Visit https://www.securityweekly.com/scw for all the latest episodes!

Full Episode Show Notes

ATT&CK and CTID, Part 2

https://github.com/MrJeffMan/Mapping-MITREATT-CK-to-PCIDSS

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

  • Our next live webcast will be on April 29th at 11am ET where you will learn how to prepare for & prevent modern ransomware attacks! Our next technical training will be on May 6th at 11am ET. This technical training webcast will explore common misconfigurations of NGINX, the damage they could do, and how to avoid them. Also join us May 13th at 11am ET for a technical training with Thycotic to see how attackers gain access to endpoints and learn defensive strategies to protect against those attacks. Visit https://securityweekly.com/webcasts to register now! If you missed any of our previously recorded webcasts or technical trainings, they are available for your viewing pleasure at https://securityweekly.com/ondemand
