ATT&CK in Action #10: T1562 Impair Defenses with Palo Alto Networks

Alex Hinchliffe - Paloalto - Unit42

In the last episode of ATT&CK in Action Webinar series, Alex Hinchliffe from Palo Alto Networks joined Picus and we talked about T1562 Impair Defenses (T1089 Disabling Security Tools in the previous ATT&CK version) as the 10th most commonly used technique by adversaries in 2019!

Watch the episode where we talked about:

  • How do adversaries leverage the 'T1562 Impair Defenses' technique into their targets?
  • What are the significant benefits that Impair Defenses technique provides for adversaries?
  • What are the use cases by threat actors and their malware?
  • How do Red Teams simulate this technique?
  • How do Blue Teams detect this technique?
  • How can you test T1562 Impair Defenses with Picus in your environment?

Picus Labs, the research arm of Picus Security, analyzed around 50.000 malware samples in the last year to determine TTPs used by adversaries in these malicious files.  As a result of the comprehensive analysis of tens of thousands of real-world threat samples collected from numerous sources, Picus unrevealed the “Picus 10 Critical MITRE ATT&CK Techniques” to help you focus on what significantly improves your security.

Speakers

 Dr. Süleyman Özarslan />
      </div>
      <div class=

Dr. Süleyman Özarslan

Co-Founder, VP of Picus Labs, Picus

 Alex Hinchliffe />
      </div>
      <div class=

Alex Hinchliffe

Threat Intelligence Analyst at Unit 42, Palo Alto Networks

 Dr. Carlo Tarantini />
      </div>
      <div class=

Dr. Carlo Tarantini

Product Marketing Manager, Picus

Watch Now!