ATT&CK® Security Operations Center Assessment Certification

The ATT&CK® Security Operations Center (SOC) Assessment Certification validates a defender's ability to conduct Security Operations Center (SOC) assessments that are rapid, have low overhead, and are broad enough to help the SOC get on their feet with ATT&CK. The certification affirms mastery at analyzing SOC technologies, like tools and data sources, savviness at interviewing and discussing ATT&CK with SOC personnel, and proficiency at recommending improvements based on the assessment's results. Certified ATT&CK defenders have earned four distinct badges to achieve the ATT&CK® for SOC Assessment Certification. • ATT&CK® Fundamentals Badge • ATT&CK® Security Operations Center Assessment Fundamentals Badge • ATT&CK® Security Operations Center Assessment Analysis Badge • ATT&CK® Security Operations Center Assessment Synthesis Badge Meet the training and mastery assessment authors: Dr. Andy Applebaum Principal Cyber Security Engineer at MITRE Andy Applebaum is a principal cybersecurity engineer at MITRE. He works on applied and theoretical security research problems, primarily in the realms of cyber defense, security automation, and automated adversary emulation. As a well-established researcher, he's published numerous papers and spoken at multiple academic and industry conferences, including Black Hat Europe, SANS Security Operations Summit, BSides NOVA, and the FIRST Conference. Before working at MITRE, Andy received his Ph.D. in Computer Science from the University of California Davis. Dr. Clem Skorupka Principal Cybersecurity Engineer at MITRE Dr. Clem Skorupka is a Principal Cybersecurity Engineer at MITRE. His work has spanned both operations and research, focusing on improving the effectiveness of threat information in organizations. Throughout his career, he's developed new techniques and technologies that enhance cybersecurity data collection, sharing, and application for the DoD, the IC, and, more recently, for civilian government sponsors. Dr. Skorupka is a co-author of NIST's Special Publication 800-150 "Guide to Cyber Threat Information Sharing". Dr. Skorupka holds B.S., M.S., and Ph.D. in Physics and is the recipient of an Office of Naval Technology Postdoctoral Fellowship. " Steve Luke Director of Content at MITRE ATT&CK Defender ™ Steve Luke is the Director of Content for MITRE ATT&CK Defender™. He’s dedicated to empowering organizations with more effective ways to robustly detect and respond to cyber-attacks. Since 2007, Steve has focused on delivering innovative solutions to cyber missions, with a special focus on ATT&CK® and its application to hunting. Steve co-authored a paper on TTP-Based Hunting, developed and delivered educational materials about that methodology, and leads purple teaming events to explore ATT&CK techniques and develop robust analytic approaches to detect them. Steve earned a B.S. and Masters of Engineering in Electrical Engineering from Cornell University with a focus on digital signal processing. Prior to joining MITRE in 2005, he served as an officer in the United States Air Force. Jamie Williams Lead Cyber Adversarial Engineer at MITRE Jamie Williams is a Cyber Adversarial Engineer for the MITRE Corporation. He works on various exciting efforts involving security operations and research, specializing in adversary emulation and behavior-based detections. He also leads teams that help shape and deliver the "adversary-touch" within ATT&CK® and ATT&CK Evaluations. Before joining MITRE, Jamie received his M.S. in Information Systems Engineering from Johns Hopkins University and his B.S. in Information Systems from the University of Maryland, Baltimore County (UMBC). To consider before attempting to earn the badge: • Have a solid understanding of the ATT&CK Framework • Understand information security technology and security operations • Complete the ATT&CK SOC Assessment training course