Thales Trusted Cyber Technologies

The Underappreciated Tactic of MITRE ATT&CK Framework – Collection

A Security Engineer's Guide to Database Activity Monitoring

Databases are key targets for hackers looking to steal data. However, the Collection tactic of the MITRE ATT&CK Framework places insufficient emphasis on access to data in a database.

Hackers collect data through eavesdropping or man-in-the-middle attacks on data in transit, by capturing data at the point of collection (such as point-of-sale devices), by exfiltrating files containing sensitive data, and so on. But the mother lode is the database. By watching how data is accessed from a database, and which data, it is possible to determine whether such access constitutes an attempted data theft. This is the equivalent of catching a bank robber in the vault.

Watch a replay of this webcast to learn more about the database gaps in the current MITRE ATT&CK Framework. Our speakers will discuss:

  • What a Security Operations Center (SOC) engineer should know about database security
  • Database Security using the MITRE ATT&CK Framework
  • How to effectively monitor and detect security events in database environments
  • A proposed new Technique for the Collection Tactic of ATT&CK

Register now to secure your spot. Please contact me with any questions!