ATT&CK® Security Operations Center Assessment Synthesis Badge

Practitioners holding the ATT&CK SOC Assessment Synthesis Badge have shown themselves to be able to put together the pieces to form a full ATT&CK-based SOC assessment. These defenders have been tested and validated to show that they understand the big picture of assessments and how assessments should be composed and delivered. The assessment validates: • Ability to fuse together a holistic view of security operation coverage of ATT&CK • Proficiency in using current coverage and other SOC information to make prioritized recommendations • Ability to aggregate heatmaps from different sources to paint a complete picture of SOC coverage • Ability to choose a heatmap scoring scheme best geared towards a specific audience • Mastery in interviewing SOC personnel and understanding how that impacts coverage and recommendations Meet the training and mastery assessment authors: Dr. Andy Applebaum Principal Cyber Security Engineer at MITRE Andy Applebaum is a principal cybersecurity engineer at MITRE. He works on applied and theoretical security research problems, primarily in the realms of cyber defense, security automation, and automated adversary emulation. As a well-established researcher, he's published numerous papers and spoken at multiple academic and industry conferences, including Black Hat Europe, SANS Security Operations Summit, BSides NOVA, and the FIRST Conference. Before working at MITRE, Andy received his Ph.D. in Computer Science from the University of California Davis. Dr. Clem Skorupka Principal Cybersecurity Engineer at MITRE Dr. Clem Skorupka is a Principal Cybersecurity Engineer at MITRE. His work has spanned both operations and research, focusing on improving the effectiveness of threat information in organizations. Throughout his career, he's developed new techniques and technologies that enhance cybersecurity data collection, sharing, and application for the DoD, the IC, and, more recently, for civilian government sponsors. Dr. Skorupka is a co-author of NIST's Special Publication 800-150 "Guide to Cyber Threat Information Sharing". Dr. Skorupka holds B.S., M.S., and Ph.D. in Physics and is the recipient of an Office of Naval Technology Postdoctoral Fellowship. " Steve Luke Director of Content at MITRE ATT&CK Defender ™ Steve Luke is the Director of Content for MITRE ATT&CK Defender™. He’s dedicated to empowering organizations with more effective ways to robustly detect and respond to cyber-attacks. Since 2007, Steve has focused on delivering innovative solutions to cyber missions, with a special focus on ATT&CK® and its application to hunting. Steve co-authored a paper on TTP-Based Hunting, developed and delivered educational materials about that methodology, and leads purple teaming events to explore ATT&CK techniques and develop robust analytic approaches to detect them. Steve earned a B.S. and Masters of Engineering in Electrical Engineering from Cornell University with a focus on digital signal processing. Prior to joining MITRE in 2005, he served as an officer in the United States Air Force. To consider before attempting to earn the badge: • Have a solid understanding of the ATT&CK Framework • Understand information security technology and security operations • Complete the ATT&CK SOC Assessment training course