homepage
Open menu
Talk with an expert
Podcast image

Jamie Williams: Adversary Emulation | 20

Blueprint • 2021-05-18

There are numerous ways to test your SOC's detection and prevention capabilities, but not all are created equal. Each has their own strengths and weaknesses, and can be done on a different time scale. This week, we focus on arguably one of the most important - adversary emulation. In this episode we speak with Jamie Williams from the MITRE ATT&CK team about why adversary emulation is important, how it works, how you can get started regardless of the size of your team, and how to track and run an adversary emulation test.

Listen on YouTube PodcastsListen on SpotifyListen on Apple Podcasts

Sponsor's Note:

Support for the Blueprint podcast comes from the SANS Institute.

Since the debut of SEC450, we've always had students interested in a matching course covering the management and leadership aspects of running a SOC. If you like the topics in this podcast and would like to learn more about Blue Team leadership and management, check out the new MGT551: Building and Leading Security Operations Centers. This new course is designed for Security Team leaders looking to build, grow and operate a security operation center with peak efficiency. It's a hands-on technical leadership course, that takes you through everything from scoping threat groups to use case creation, threat hunting, planning, SOC maturity and detection assessment and much much more.

Check out the details at sansurl.com/551! Hope to see you in class!
Follow SANS Cyber Defense: Twitter | LinkedIn | YouTube
Follow John Hubbard: Twitter | LinkedIn

Featured Guest Bio:

Jamie Williams is a Principal Adversary Emulation Engineer for the MITRE Corporation where he works on various exciting efforts involving security operations and research, specializing in adversary emulation and behavior-based detections. He also leads teams that help shape and deliver the "adversary-touch" within ATT&CK® and ATT&CK Evaluations.

More About Jamie

Follow Jamie on Twitter (@jamieantisocial) and LinkedIn (/in/jamie-williams-108369190).

Related Content

Blog
Why SANS - Blog - Zero Trust - Zero Trust Network Architecture- Ready for Prime Time__340 x 340.jpg
Cyber Defense
Zero Trust Network Architecture: Ready for Prime Time?
This infographic outlines the principles of implementing a Zero Trust architecture by focusing on strategies like micro-segmentation and continuous authentication.For a deeper dive into these topics, download the SANS Zero Trust Strategy Guide and watch the YouTube video to gain actionable...
SANS_social_88x82.jpg
SANS Institute
read more
Blog
Why SANS - Blog - Critical Infrastructure - Supply Chain Attacks- Why Security Leaders Must Act Now_340 x 340.jpg
Cyber Defense
Fortifying the Supply Chain: Strategies for Modern Security Challenges
This infographic emphasizes securing the supply chain against modern threats by distinguishing supply-chain risks from internal risks and recommending best practices for managing external dependencies.For a deeper dive into these topics, download the ICS Strategy Guide and watch the YouTube video...
SANS_social_88x82.jpg
SANS Institute
read more
Blog
Top_10_SANS_Summits_Talks_of_2021.png
Cybersecurity Insights, Digital Forensics, Incident Response & Threat Hunting, Cyber Defense, Cloud Security, Open-Source Intelligence (OSINT), Cybersecurity Leadership, Security Awareness, Artificial Intelligence (AI)
Top 15 SANS Summit Talks of 2023
This year, SANS hosted 16 Summits with 209 talks. Here were the top-rated talks of the year.
370x370-person-placeholder.png
Alison Kim
read more