Course Overview

ATT&CK Workbench allows SOC teams, Red & Blue Teamers, Threat Hunting and Threat Intelligence professionals, Incident Response personnel, Risk Management Teams, Defensive Security Professionals, and other users of MITRE ATT&CK to manage and extend their own local version of ATT&CK and align it with MITRE’s knowledge base.

The tool enables organizations or individuals to explore, create, annotate, and share extensions of the MITRE ATT&CK knowledge base. Workbench allows users to extend their customized version of the ATT&CK knowledge base with new or updated techniques, tactics, mitigations, groups, and tools. Users can also share their extensions with the overall ATT&CK community, thus enabling a greater level of collaboration. Microsoft, JP Morgan Chase, and Verizon are among the research participants funding the tool.

The course will begin with an overview of the MITRE ATT&CK Framework, followed by a thorough introduction to the ATT&CK Workbench tool. As you move along, you’ll learn how to install the tool and about Collections and Collection Indexes in ATT&CK Workbench. The course will then illustrate how to create, manage, import, and subscribe to Collections in ATT&CK Workbench. Next, you’ll learn how Knowledge Base Browsing is performed through Objects. The course will then provide a detailed explanation of the steps to create Extensions of an ATT&CK knowledge base. 

As you progress, you’ll learn how to use Quality Control Workflows, and how to create and add Objects and Techniques to your ATT&CK knowledge base. Next, the course will explain how to annotate the data added in your Extension. The course will also demonstrate how to integrate your Extension with ATT&CK Navigator, the ATT&CK Website, and several other tools. The course will end with a look at how to share your Extensions, followed by a short conclusion.

Following the completion of the course, you’ll be able to create and share your own Extension of the public MITRE ATT&CK knowledge base. 

The necessary resources for this course are in the "Resources" section of Video 1.1. You can also access them through this direct link - https://github.com/ec-council-learning/Expanding-MITRE-ATT-CK-with-ATT-CK-Workbench

What You Will Learn

  • The significance of safeguarding your organization by leveraging the ATT&CK framework.
  • Understand how to manage and expand your personalized local version of ATT&CK using the Workbench tool.
  • Explore the Workbench’s intuitive interface, which allows you to create, annotate, and share custom extensions of the ATT&CK knowledge base.
  • How the Workbench fosters collaboration within the ATT&CK community.
  • Practical guidance on tailoring and customizing your ATT&CK knowledge base.

Program Curriculum

  • Who is MITRE Engenuity?
  • Threat-Informed Defense
  • Chapter 1 Quiz

  • Introduction to the ATT&CK Framework
  • ATT&CK Matrices
  • What are TTPs?
  • Tactics
  • Techniques & Sub-techniques
  • Procedures
  • Procedures vs. Sub-techniques
  • Data Sources & Mitigations
  • Threat Intelligence
  • ATT&CK Demo
  • Chapter 2 Quiz

  • Installation Overview
  • What is ATT&CK Navigator & Who is it For?
  • Navigator Layers
  • Create a Customized Navigator
  • Navigating the Navigator Toolbar
  • Lab 1
  • Lab 2
  • Importing and Exporting Layers
  • Lab 3
  • Chapter 3 Quiz

  • What is ATT&CK Workbench?
  • Why Use ATT&CK Workbench?
  • Project Overview
  • Chapter 4 Quiz

  • How to Get ATT&CK Workbench
  • Architecture
  • Installing ATT&CK Workbench
  • Lab 1
  • Organization Identity
  • Collection and Collection Index
  • Lab 2
  • Lab 3
  • Chapter 5 Quiz

  • Annotating Data
  • Lab 4
  • Extending Instances
  • Lab 5
  • Adding New Intelligence
  • Lab 6
  • Lab 7
  • Chapter 6 Quiz

  • Workflow
  • Integration
  • Chapter 7 Quiz

Course Summary


Instructor

Diego R. Pereyra

Diego Pereyra has been working in IT and Cybersecurity for more than 15 years. He holds certifications in CEH, CEH Practical, CEH Master, CCSK, and MAD (MITRE ATT&CK Defender), among others. He has worked as a Cybersecurity Analyst Level 3 in a SOC, implementing and developing ATT&CK for important clients in Argentina. He also has experience as a Senior Pentester, leading and working on projects of Network Teaming, Pentesting, and Vulnerability Assessments. In 2021, he became the first Argentinean in the TOP 100 Hall of Fame of Certified Ethical Hackers by the EC-Council.
