New Content Showcase: Elastic, Ransomware, MITRE ATT&CK

by RangeForce Team

One of the highlights of working at RangeForce is having the opportunity to use, test, and refine the platform. For our Support Team Lead, Benjamin Richey, this is particularly true. In the attached video walkthrough, Ben says that a good portion of his job is actually testing the content from a user perspective and then submitting feedback to the content team.
In the 5-minute video below, Ben showcases three recent sections of RangeForce content:
  • Elastic Learning Path
  • Ransomware
  • MITRE ATT&CK
Beyond simply walking through the content, Ben explains how the content and learning paths interact and build on one another. For the best possible experience, Ben recommends a specific order for completing the three areas of content, beginning with the Elastic Learning Path.
As he says, the Elastic Learning Path "teaches all about the rules, events, and alerts in elastic" and eventually will ask you to dig around and use Elastic to locate correct answers to questions posed in the path.
The next section Ben recommends tackling is MITRE ATT&CK content, which includes an exercise where you're given an occurrence of a technique, and must use Elastic (and all that you've learned in the Elastic Path) to find evidence and locate the occurrence of the technique.
The last section covered involves Ransomware, and as Ben states, it's an "all-encompassing" deep dive, where you actually get to deploy and see the results of deploying safe versions of common ransomware.
Ransomware is covered last because of the "Behavior-Based Ransomware Detection" module. In this module you'll be given an occurrence of ransomware, and it will be categorized through the MITRE ATT&CK framework. You'll have to utilize your learned Elastic skills to find evidence of each technique used. As Ben notes, this combination was something he loved! 
Check out the video to hear from Ben in his own words why and how this content works so well together.
