WEBINAR

ATT&CK v17 Decoded: What IT & Security Teams Must Know

Exploits targeting hypervisors are at an all-time high. Enterprise virtualization is a prime target for threat groups due to valuable data and the challenges associated with preventing escape to host attacks. This has been validated with the recent ATT&CK v17 update, where MITRE introduced an entirely new matrix for ESXi. This revolutionary change brings to attention existing risks and possible compliance implications in security for many enterprises. 

Gabe Dimeglio, CISO of Rimini Street, and Austin Gadient, CTO & Cofounder of Vali Cyber, will discuss MITRE’s logic for this change, looking closely at the threat landscape and in particular the 4 unique techniques MITRE noted for ESXi: 

  • T1675: ESXi Administration Control 
  • T1059.12: Command and Scripting Interpreter: Hypervisor CLI 
  • T1505.006: Server Software Component: vSphere Installation Bundles 
  • T1673: Virtual Machine Discovery 

We will dive into what these techniques mean, featuring demos of real-world attack chains where the techniques were leveraged. You will learn about: 

  • The MITRE ATT&CK ESXi framework and its implications on risk and compliance 
  • Effective methods to protect against ransomware and exploits in hypervisors every IT & security team should consider 
  • Why runtime hypervisor security is now critical 

Attendees will also receive an operational playbook with 3 tools that will enable you to quickly and efficiently reduce risk in your VMware environment. 

Get the facts about the MITRE ATT&CK framework
All fields marked * are required.