Carahsoft, in conjunction with its vendor partners, sponsors hundreds of events each year, ranging from webcasts and tradeshows to executive roundtables and technology forums.

Government Events and Resources

Events

Thales_LOGO_.png
Thales Trusted Cyber Technologies (TCT)

CTO Sessions: The Underappreciated Tactic of MITRE ATT&CK Framework - Collection


Event Date: November 20, 2024
Hosted By: Thales TCT & Carahsoft

Databases are key targets for hackers looking to steal data. However, there is insufficient emphasis by the MITRE ATT&CK Framework on the Collection tactic regarding access of data from a database.

Hackers collect data through eavesdropping/man in the middle attacks of data in transit, by capturing data at the point of collection (such as point of sale devices), exfiltrating files containing sensitive data, etc. But the motherlode is the database.  By watching how and what data is accessed from a database it is possible to determine whether such access constitutes an attempted data theft.  This is the equivalent of catching a bank robber in the vault. 

This webcast covered more about the database gaps in the current MITRE ATT&CK Framework. Our speakers discussed:

  • What a Security Operations Center (SOC) engineer should know about database security
  • Database Security using the MITRE ATT&CK Framework
  • How to effectively monitor and detect security events in database environments
  • Proposed new Technique for Collection Tactic of ATT&CK

Fill out the form below to view this archived event.


Resources


Featured

In this interview, Dr. Allan E. Day and Rishil Patel discuss how the integration of Salesforce and AWS can optimize Navy logistics and readiness in alignment with the 2024 U.S. Navy Navigation Plan. They highlight how unified tools and secure cloud infrastructure streamline operations, empower perso...

Ping Identity has expanded its FedRAMP High and DoD IL5 offerings with key identity and access management (ICAM) capabilities, helping federal agencies enhance security, compliance, and user experience. These new features, including multi-factor authentication, identity governance, and lifecycle man...

CMMC compliance is vital for businesses working with the Department of Defense, ensuring they meet security standards to protect sensitive data. Achieving CMMC certification helps organizations safeguard contracts and secure valuable partnerships in a high-stakes cybersecurity environment.

Federation Bubbles with Justin Richer introduces a flexible model for identity federation, where trust is dynamically managed based on context. This approach allows for secure, isolated, and adaptable spaces, even in disconnected environments, ensuring stronger security for modern systems.

Appian is a low-code platform that enables customers to discover, build, and automate critical processes, with over 20 years of experience working with the Department of Defense. To deepen this relationship, Appian must obtain Impact Level Five authorization, meeting stringent compliance and securit...

Cloud Framework
Datasheet
SMX Elevate helps organizations of all sizes strategize, architect, deploy, and manage complex enterprise solutions with cloud-native technology for rapid, resilient applications that scale to any demand. With industry-leading security and compliance, accelerate Authority to Operate (ATO) under FedR...

Breaking into the U.S. federal government market, which spends $7 billion annually on software, requires vendors to navigate complex acquisition processes, demonstrate compliance, and prove robust security measures. Software products, especially SaaS, must undergo audits and receive authorization fr...

Ping Government Identity Cloud is a FedRAMP High and DoD IL5-authorized solution that helps federal agencies modernize identity management while meeting compliance standards. It provides secure access management and identity governance in a dedicated cloud environment.

This data sheet explores how ibi™ WebFOCUS® offers advanced AI and machine learning capabilities, including Natural Language Query (NLQ) and predictive modeling, to help users efficiently analyze and gain insights from complex data. These innovative features empower both technical and non-...

Entering the government marketplace is a significant challenge for software companies and solution providers. Compliance accreditations like FedRAMP, FISMA, and DISA IL demand expertise, time, and resources that many organizations don’t have in-house. With the SMX Accreditation Accelerator, yo...