Alex Hinchliffe - Paloalto - Unit42

In the last episode of ATT&CK in Action Webinar series, Alex Hinchliffe from Palo Alto Networks joined Picus and we talked about T1562 Impair Defenses (T1089 Disabling Security Tools in the previous ATT&CK version) as the 10th most commonly used technique by adversaries in 2019!

Watch the episode where we talked about:

  • How do adversaries leverage the 'T1562 Impair Defenses' technique into their targets?
  • What are the significant benefits that Impair Defenses technique provides for adversaries?
  • What are the use cases by threat actors and their malware?
  • How do Red Teams simulate this technique?
  • How do Blue Teams detect this technique?
  • How can you test T1562 Impair Defenses with Picus in your environment?

Picus Labs, the research arm of Picus Security, analyzed around 50.000 malware samples in the last year to determine TTPs used by adversaries in these malicious files.  As a result of the comprehensive analysis of tens of thousands of real-world threat samples collected from numerous sources, Picus unrevealed the “Picus 10 Critical MITRE ATT&CK Techniques” to help you focus on what significantly improves your security.