The AppSec kill-chain evolved - TTPs for modern defenses

Wednesday, June 26, 2019

11:30 a.m. ET/ 8:30 a.m. PT

New and popular frameworks such as MITRE ATT&CK have aided organizations in extending their previous kill-chain models to be more focused on the actual tactics, techniques, and procedures (TTPs) that attackers are using in the real world. And while MITRE ATT&CK was originally designed for Windows-based enterprise networks, the same concepts can apply to application security.

In order to properly defend against adversaries, an organization must be aware of the specific TTPs used at each phase of an attack.

In this webcast, we will take a lifecycle approach to understanding web app attacks, share examples of the tools and techniques used in each phase, and the defenses security teams can employ to protect their applications.

This will include an analysis of:

  • Attacker preparations and anonymity
  • Enumeration and Scanning
  • Gaining credentialed access to applications and accounts
  • Exploitation and detection evasion
  • Abuse of APIs
  • Pivoting to do damage after an exploit
 
Join Kelly Brazil, AppSec expert and VP of Systems Engineering at ThreatX, for this 45-minute presentation and leave with a better understanding of the key TTPs at the heart of modern application attacks and tips for ensuring continuous defenses across the lifecycle of an attack.
Presenter
Kelly Brazil
Web App Security Expert
ThreatX
View Biography

Registration details:

By registering you are accepting our Privacy Policy and Terms of Use.

Our registration process uses cookies, by submitting this registration form you agree to our cookie policy.

(*) denotes required form field(s)

Submit