Week 2: Elimination?

The picture is from https://www.pinterest.com/pin/721983384000776995/

If you read week 1 of my internship series, then you are here to find out did I make it to week 2. Here is the link to week 1:https://dijah.medium.com/week-1-introduction-ad243137fca0. I thought on Monday, I would have seen people removed from the discord. However, I learn that there is a point system. You need at least 80 points to successfully complete the internship. Every week, interns earn 10 points based on submitting the mandatory assignments and attending the mandatory meeting held every Friday. If you do not attend the meeting or submit the mandatory assignments, then you get 0 points. No exception. It is a 10-week internship. Therefore, you are allowed to miss only two weeks. 10 points are required to enter week 3 and eliminations will start after the third week. I apologize for scaring you guys. I’m safe for now.

For this week's assignment, I was to make a post about MITRE ATT&CK on LinkedIn and Twitter tagging VTF, write a pretend email apologizing for missing a mandatory meeting with the manager, and complete an AttackIQ foundational MITRE ATT&CK course. The main takeaway from these assignments are 1) to make us visible on social media for recruiters and hiring manager to see what we are up to due to social media is how job seekers get hired in tech, 2) to know who to write professional emails, and 3)cybersecurity professionals should be familiar with MITRE ATT&CK.

The important task for this week is learning about MITRE ATT&CK. What is MITRE ATT&CK? The MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) Framework was created to document cybercriminals' behavior. Techniques represent how those goals are achieved and tactics represent cybercriminals’ technical goals. The framework breaks the techniques into tactics which you can see in the following link: https://attack.mitre.org/matrices/enterprise/. MITRE ATT&CK framework is very useful to cybersecurity professionals because you can pick a threat group and map their techniques or search for threat groups that are known to target that industry. Also, MITRE ATT&CK Navigator is used to provide basic navigation and annotation of the ATT&CK matrix. It gives you a visual representation by using filters to highlight techniques used by a particular threat group. This is useful because it can identify techniques that may be important to your organization.

Cybersecurity professionals take this information to build defense systems and test these systems by adversary emulation. Adversary emulation is simulation offensive security aka attacking the system as a hacker. Defensive security takes this information from adversary emulation to fix vulnerabilities in the system. The process is repeated again and again. The defensive and offensive security teams work together to build secure systems to thwart or prevent cyberattacks.

Thank you for taking the time to read my post. I have to wait for the email to see if I made it to week 3.

Update: I have received my certification for week 2, so I made it to week 3. You can read about it here: https://dijah.medium.com/week-3-imworried-b8a282acb10b.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store