The October 2023 (v14) ATT&CK release updates Techniques, Groups, Campaigns and Software for Enterprise, Mobile, and ICS. The biggest changes in ATT&CK v14 are a large expansion of detection notes and analytics to Techniques in Enterprise, a minor scoping change to Enterprise resulting in coverage of Financial Theft and Voice Phishing, structured Detections in Mobile, and the (re-)addition of Assets to ICS. An accompanying blog post describes these changes as well as improvements across ATT&CK's various domains and platforms.
This release also includes a human-readable detailed changelog showing more specifically what changed in updated ATT&CK objects, and a machine-readable JSON changelog, whose format is described in ATT&CK's Github.
This version of ATT&CK contains 760 Pieces of Software, 143 Groups, and 24 Campaigns. Broken out by domain:
-
Enterprise: 201 Techniques, 424 Sub-Techniques, 141 Groups, 648 Pieces of Software, 23 Campaigns, 43 Mitigations, and 109 Data Sources
-
Mobile: 72 Techniques, 42 Sub-Techniques, 8 Groups, 108 Pieces of Software, 1 Campaign, 12 Mitigations, and 15 Data Sources
-
ICS: 81 Techniques, 13 Groups, 21 Pieces of Software, 52 Mitigations, 3 Campaigns, 14 Assets, and 34 Data Sources
Release Notes Terminology
-
New: ATT&CK objects which are only present in the new release.
-
Major version changes: ATT&CK objects that have a major version change. (e.g. 1.0 → 2.0)
-
Minor version changes: ATT&CK objects that have a minor version change. (e.g. 1.0 → 1.1)
-
Other version changes: ATT&CK objects that have a version change of any other kind. (e.g. 1.0 → 1.2)
-
Patches: ATT&CK objects that have been patched while keeping the version the same. (e.g., 1.0 → 1.0 but something immaterial like a typo, a URL, or some metadata was fixed)
-
Revocations: ATT&CK objects which are revoked by a different object.
-
Deprecations: ATT&CK objects which are deprecated and no longer in use, and not replaced.
-
Deletions: ATT&CK objects which are no longer found in the STIX data.
Techniques
Enterprise
New Techniques
-
Abuse Elevation Control Mechanism: Temporary Elevated Cloud Access (v1.0)
-
Account Manipulation: Additional Container Cluster Roles (v1.0)
-
Content Injection (v1.0)
-
Credentials from Password Stores: Cloud Secrets Management Stores (v1.0)
-
Exfiltration Over Web Service: Exfiltration Over Webhook (v1.0)
-
Financial Theft (v1.0)
-
Hide Artifacts: Ignore Process Interrupts (v1.0)
-
Impair Defenses: Disable or Modify Linux Audit System (v1.0)
-
Impersonation (v1.0)
-
Log Enumeration (v1.0)
-
Masquerading: Break Process Trees (v1.0)
-
Modify Cloud Compute Infrastructure: Modify Cloud Compute Configurations (v1.0)
-
Obfuscated Files or Information: LNK Icon Smuggling (v1.0)
-
Phishing: Spearphishing Voice (v1.0)
-
Phishing for Information: Spearphishing Voice (v1.0)
-
Power Settings (v1.0)
-
Remote Services: Direct Cloud VM Connections (v1.0)
-
System Network Configuration Discovery: Wi-Fi Discovery (v1.0)
Major Version Changes
-
Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder (v1.2→v2.0)
-
Impair Defenses: Disable or Modify Cloud Logs (v1.3→v2.0)
Minor Version Changes
-
Abuse Elevation Control Mechanism (v1.1→v1.2)
-
Access Token Manipulation: Token Impersonation/Theft (v1.1→v1.2)
-
Account Manipulation (v2.5→v2.6)
-
Additional Cloud Credentials (v2.5→v2.6)
-
Additional Cloud Roles (v2.2→v2.3)
-
Additional Email Delegate Permissions (v2.0→v2.1)
-
Device Registration (v1.1→v1.2)
-
SSH Authorized Keys (v1.2→v1.3)
-
Acquire Infrastructure (v1.2→v1.3)
-
Adversary-in-the-Middle (v2.2→v2.3)
-
Application Layer Protocol: File Transfer Protocols (v1.0→v1.1)
-
Application Layer Protocol: Web Protocols (v1.1→v1.2)
-
Archive Collected Data: Archive via Utility (v1.2→v1.3)
-
Boot or Logon Autostart Execution: Print Processors (v1.0→v1.1)
-
Boot or Logon Autostart Execution: Winlogon Helper DLL (v1.0→v1.1)
-
Boot or Logon Autostart Execution: XDG Autostart Entries (v1.0→v1.1)
-
Boot or Logon Initialization Scripts (v2.1→v2.2)
-
Brute Force: Credential Stuffing (v1.3→v1.4)
-
Brute Force: Password Guessing (v1.4→v1.5)
-
Brute Force: Password Spraying (v1.3→v1.4)
-
Cloud Service Dashboard (v1.1→v1.2)
-
Command and Scripting Interpreter: Windows Command Shell (v1.2→v1.3)
-
Compromise Client Software Binary (v1.0→v1.1)
-
Compromise Infrastructure (v1.3→v1.4)
-
Create Account (v2.3→v2.4)
-
Cloud Account (v1.3→v1.4)
-
Domain Account (v1.0→v1.1)
-
Local Account (v1.2→v1.3)
-
Create or Modify System Process: Systemd Service (v1.3→v1.4)
-
Create or Modify System Process: Windows Service (v1.3→v1.4)
-
Credentials from Password Stores (v1.0→v1.1)
-
Data Destruction (v1.1→v1.2)
-
Data from Cloud Storage (v2.0→v2.1)
-
Data from Network Shared Drive (v1.3→v1.4)
-
Deobfuscate/Decode Files or Information (v1.2→v1.3)
-
Direct Volume Access (v2.0→v2.1)
-
Email Collection (v2.4→v2.5)
-
Remote Email Collection (v1.1→v1.2)
-
Event Triggered Execution: Screensaver (v1.1→v1.2)
-
Exfiltration Over Other Network Medium (v1.1→v1.2)
-
Exfiltration Over Web Service (v1.2→v1.3)
-
Exfiltration to Cloud Storage (v1.1→v1.2)
-
Exfiltration to Code Repository (v1.0→v1.1)
-
Exploitation for Credential Access (v1.4→v1.5)
-
Exploitation for Defense Evasion (v1.3→v1.4)
-
File and Directory Permissions Modification: Linux and Mac File and Directory Permissions Modification (v1.1→v1.2)
-
Forced Authentication (v1.2→v1.3)
-
Forge Web Credentials (v1.3→v1.4)
-
Hide Artifacts: Email Hiding Rules (v1.2→v1.3)
-
Hijack Execution Flow: Path Interception by PATH Environment Variable (v1.0→v1.1)
-
Impair Defenses (v1.4→v1.5)
-
Disable Windows Event Logging (v1.2→v1.3)
-
Disable or Modify Tools (v1.4→v1.5)
-
Downgrade Attack (v1.1→v1.2)
-
Indicator Blocking (v1.2→v1.3)
-
Indicator Removal: Clear Network Connection History and Configurations (v1.0→v1.1)
-
Indicator Removal: Clear Windows Event Logs (v1.2→v1.3)
-
Ingress Tool Transfer (v2.2→v2.3)
-
Inhibit System Recovery (v1.2→v1.3)
-
Input Capture: Keylogging (v1.1→v1.2)
-
Inter-Process Communication: Dynamic Data Exchange (v1.2→v1.3)
-
Lateral Tool Transfer (v1.2→v1.3)
-
Masquerading (v1.5→v1.6)
-
Masquerade Task or Service (v1.1→v1.2)
-
Match Legitimate Name or Location (v1.1→v1.2)
-
Modify Authentication Process: Multi-Factor Authentication (v1.0→v1.1)
-
Modify Cloud Compute Infrastructure (v1.1→v1.2)
-
Modify Registry (v1.3→v1.4)
-
Native API (v2.1→v2.2)
-
Network Service Discovery (v3.0→v3.1)
-
Network Share Discovery (v3.1→v3.2)
-
Network Sniffing (v1.4→v1.5)
-
Non-Application Layer Protocol (v2.2→v2.3)
-
OS Credential Dumping: LSASS Memory (v1.2→v1.3)
-
OS Credential Dumping: NTDS (v1.1→v1.2)
-
OS Credential Dumping: Security Account Manager (v1.0→v1.1)
-
Obfuscated Files or Information (v1.4→v1.5)
-
Embedded Payloads (v1.0→v1.1)
-
HTML Smuggling (v1.0→v1.1)
-
Phishing (v2.3→v2.4)
-
Spearphishing Link (v2.4→v2.5)
-
Phishing for Information (v1.2→v1.3)
-
Spearphishing Link (v1.4→v1.5)
-
Process Discovery (v1.3→v1.4)
-
Process Injection: Dynamic-link Library Injection (v1.2→v1.3)
-
Process Injection: Process Hollowing (v1.2→v1.3)
-
Reflective Code Loading (v1.0→v1.1)
-
Remote Access Software (v2.1→v2.2)
-
Remote Service Session Hijacking: RDP Hijacking (v1.0→v1.1)
-
Remote Services (v1.3→v1.4)
-
Distributed Component Object Model (v1.2→v1.3)
-
Remote Desktop Protocol (v1.1→v1.2)
-
SMB/Windows Admin Shares (v1.1→v1.2)
-
SSH (v1.1→v1.2)
-
Windows Remote Management (v1.1→v1.2)
-
Remote System Discovery (v3.4→v3.5)
-
Resource Hijacking (v1.3→v1.4)
-
Scheduled Task/Job: At (v2.0→v2.1)
-
Scheduled Task/Job: Scheduled Task (v1.3→v1.4)
-
Scheduled Task/Job: Systemd Timers (v1.1→v1.2)
-
Shared Modules (v2.1→v2.2)
-
Software Deployment Tools (v2.1→v2.2)
-
Subvert Trust Controls: Install Root Certificate (v1.1→v1.2)
-
System Binary Proxy Execution: Rundll32 (v2.1→v2.2)
-
System Network Configuration Discovery (v1.5→v1.6)
-
System Owner/User Discovery (v1.4→v1.5)
-
System Services: Service Execution (v1.1→v1.2)
-
Taint Shared Content (v1.3→v1.4)
-
Trusted Developer Utilities Proxy Execution: MSBuild (v1.2→v1.3)
-
Unsecured Credentials: Credentials In Files (v1.1→v1.2)
-
Unsecured Credentials: Credentials in Registry (v1.0→v1.1)
-
Use Alternate Authentication Material: Pass the Hash (v1.1→v1.2)
-
Valid Accounts: Cloud Accounts (v1.5→v1.6)
-
Valid Accounts: Domain Accounts (v1.3→v1.4)
-
Valid Accounts: Local Accounts (v1.3→v1.4)
-
Windows Management Instrumentation (v1.3→v1.4)
Patches
-
Cloud Service Discovery (v1.3)
-
Event Triggered Execution: PowerShell Profile (v1.1)
-
Forge Web Credentials: SAML Tokens (v1.2)
-
Forge Web Credentials: Web Cookies (v1.1)
-
Masquerading: Masquerade File Type (v1.0)
-
Masquerading: Rename System Utilities (v1.1)
-
OS Credential Dumping: Cached Domain Credentials (v1.0)
-
Steal Web Session Cookie (v1.2)
-
System Binary Proxy Execution: Compiled HTML File (v2.1)
-
Use Alternate Authentication Material: Application Access Token (v1.5)
-
Use Alternate Authentication Material: Web Session Cookie (v1.3)
Mobile
New Techniques
-
Application Versioning (v1.0)
-
Data Destruction (v1.0)
-
Masquerading (v1.0)
-
Phishing (v1.0)
-
Remote Access Software (v1.0)
Minor Version Changes
-
Call Control (v1.1→v1.2)
-
Command and Scripting Interpreter (v1.1→v1.2)
-
Unix Shell (v1.1→v1.2)
-
Download New Code at Runtime (v1.4→v1.5)
-
Drive-By Compromise (v2.1→v2.2)
-
Dynamic Resolution (v1.0→v1.1)
-
Domain Generation Algorithms (v1.0→v1.1)
-
Exfiltration Over Alternative Protocol (v1.0→v1.1)
-
Exfiltration Over Unencrypted Non-C2 Protocol (v1.0→v1.1)
-
Exfiltration Over C2 Channel (v1.0→v1.1)
-
Impair Defenses: Prevent Application Removal (v1.1→v1.2)
-
Ingress Tool Transfer (v2.1→v2.2)
-
Input Injection (v1.1→v1.2)
-
Lockscreen Bypass (v1.2→v1.3)
-
Obfuscated Files or Information (v3.0→v3.1)
-
Replication Through Removable Media (v2.0→v2.1)
-
Web Service (v1.2→v1.3)
-
Bidirectional Communication (v1.1→v1.2)
-
Dead Drop Resolver (v1.1→v1.2)
-
One-Way Communication (v1.1→v1.2)
Patches
-
Hijack Execution Flow: System Runtime API Hijacking (v1.1)
-
Location Tracking: Impersonate SS7 Nodes (v1.1)
-
Non-Standard Port (v2.1)
ICS
Minor Version Changes
-
Block Command Message (v1.0→v1.1)
-
Modify Controller Tasking (v1.1→v1.2)
-
Modify Parameter (v1.2→v1.3)
-
Modify Program (v1.1→v1.2)
-
Service Stop (v1.0→v1.1)
Patches
-
Adversary-in-the-Middle (v2.0)
-
Alarm Suppression (v1.2)
-
Automated Collection (v1.0)
-
Block Reporting Message (v1.0)
-
Block Serial COM (v1.1)
-
Brute Force I/O (v1.1)
-
Change Credential (v1.0)
-
Change Operating Mode (v1.0)
-
Command-Line Interface (v1.1)
-
Commonly Used Port (v1.1)
-
Connection Proxy (v1.1)
-
Damage to Property (v1.1)
-
Data Destruction (v1.0)
-
Data from Local System (v1.0)
-
Default Credentials (v1.0)
-
Denial of Control (v1.1)
-
Denial of Service (v1.1)
-
Denial of View (v1.1)
-
Detect Operating Mode (v1.0)
-
Device Restart/Shutdown (v1.1)
-
Drive-by Compromise (v1.0)
-
Execution through API (v1.1)
-
Exploitation for Evasion (v1.1)
-
External Remote Services (v1.1)
-
Graphical User Interface (v1.1)
-
Hardcoded Credentials (v1.0)
-
Hooking (v1.2)
-
I/O Image (v1.1)
-
Indicator Removal on Host (v1.0)
-
Internet Accessible Device (v1.0)
-
Lateral Tool Transfer (v1.1)
-
Loss of Availability (v1.0)
-
Loss of Control (v1.0)
-
Loss of Protection (v1.0)
-
Loss of Safety (v1.0)
-
Loss of View (v1.0)
-
Manipulate I/O Image (v1.1)
-
Manipulation of Control (v1.0)
-
Manipulation of View (v1.0)
-
Masquerading (v1.1)
-
Modify Alarm Settings (v1.2)
-
Module Firmware (v1.1)
-
Monitor Process State (v1.0)
-
Native API (v1.0)
-
Network Sniffing (v1.0)
-
Point & Tag Identification (v1.1)
-
Program Download (v1.1)
-
Program Upload (v1.0)
-
Project File Infection (v1.0)
-
Remote Services (v1.1)
-
Remote System Discovery (v1.1)
-
Rogue Master (v1.2)
-
Rootkit (v1.1)
-
Screen Capture (v1.0)
-
Scripting (v1.0)
-
Spearphishing Attachment (v1.1)
-
Spoof Reporting Message (v1.2)
-
Supply Chain Compromise (v1.1)
-
System Firmware (v1.1)
-
Transient Cyber Asset (v1.2)
-
Unauthorized Command Message (v1.2)
-
User Execution (v1.1)
-
Valid Accounts (v1.1)
-
Wireless Compromise (v1.2)
-
Wireless Sniffing (v1.1)
Software
Enterprise
New Software
-
ANDROMEDA (v1.0)
-
AsyncRAT (v1.0)
-
BADHATCH (v1.0)
-
Disco (v1.0)
-
KOPILUWAK (v1.0)
-
NightClub (v1.0)
-
Pacu (v1.0)
-
QUIETCANARY (v1.0)
-
QUIETEXIT (v1.0)
-
RotaJakiro (v1.0)
-
Sardonic (v1.0)
-
SharpDisco (v1.0)
-
Snip3 (v1.0)
-
ngrok (v1.2)
Major Version Changes
-
OSX_OCEANLOTUS.D (v2.2→v3.0)
-
Uroburos (v1.0→v2.0)
Minor Version Changes
-
AdFind (v1.2→v1.3)
-
Agent Tesla (v1.2→v1.3)
-
Arp (v1.1→v1.2)
-
BITSAdmin (v1.3→v1.4)
-
BlackEnergy (v1.3→v1.4)
-
BloodHound (v1.4→v1.5)
-
Cobalt Strike (v1.10→v1.11)
-
Conti (v2.1→v2.2)
-
CrossRAT (v1.1→v1.2)
-
Dridex (v2.0→v2.1)
-
Emotet (v1.4→v1.5)
-
Empire (v1.6→v1.7)
-
Fysbis (v1.2→v1.3)
-
GoldMax (v2.1→v2.2)
-
Imminent Monitor (v1.0→v1.1)
-
Impacket (v1.4→v1.5)
-
KillDisk (v1.1→v1.2)
-
LaZagne (v1.4→v1.5)
-
Mimikatz (v1.7→v1.8)
-
NETWIRE (v1.5→v1.6)
-
Net (v2.4→v2.5)
-
Nltest (v1.1→v1.2)
-
OSX/Shlayer (v1.3→v1.4)
-
Ping (v1.3→v1.4)
-
PsExec (v1.4→v1.5)
-
Pupy (v1.2→v1.3)
-
Ragnar Locker (v1.1→v1.2)
-
Regin (v1.1→v1.2)
-
Revenge RAT (v1.1→v1.2)
-
Rubeus (v1.0→v1.1)
-
Ryuk (v1.3→v1.4)
-
TrickBot (v2.0→v2.1)
-
WarzoneRAT (v1.0→v1.1)
-
certutil (v1.3→v1.4)
-
esentutl (v1.2→v1.3)
-
jRAT (v2.1→v2.2)
-
netstat (v1.1→v1.2)
-
njRAT (v1.4→v1.5)
Patches
-
BlackCat (v1.0)
-
Calisto (v1.1)
-
Carbanak (v1.1)
-
Doki (v1.0)
-
Industroyer (v1.1)
-
LockerGoga (v2.0)
-
PUNCHBUGGY (v2.1)
-
PUNCHTRACK (v1.1)
-
PowerSploit (v1.6)
Revocations
-
Ngrok (revoked by ngrok) (v1.1)
Mobile
New Software
-
BOULDSPY (v1.0)
-
Chameleon (v1.0)
-
Escobar (v1.0)
-
Fakecalls (v1.0)
-
FlyTrap (v1.0)
-
Hornbill (v1.0)
-
Sunbird (v1.0)
ICS
Minor Version Changes
-
BlackEnergy (v1.3→v1.4)
-
KillDisk (v1.1→v1.2)
-
Ryuk (v1.3→v1.4)
Patches
-
Industroyer (v1.1)
-
LockerGoga (v2.0)
Groups
Enterprise
New Groups
-
FIN13 (v1.0)
-
MoustachedBouncer (v1.0)
-
Scattered Spider (v1.0)
-
TA2541 (v1.0)
-
Volt Typhoon (v1.0)
Major Version Changes
-
APT29 (v4.0→v5.0)
-
FIN7 (v2.2→v3.0)
-
FIN8 (v1.3→v2.0)
-
Indrik Spider (v2.1→v3.0)
-
Turla (v3.1→v4.0)
-
Wizard Spider (v2.1→v3.0)
Minor Version Changes
-
APT32 (v2.6→v2.7)
-
Confucius (v1.0→v1.1)
-
Dragonfly (v3.1→v3.2)
-
LAPSUS$ (v1.1→v1.2)
-
Magic Hound (v5.1→v5.2)
-
Sandworm Team (v3.0→v3.1)
-
SilverTerrier (v1.1→v1.2)
Patches
-
APT37 (v2.0)
-
Ajax Security Team (v1.0)
-
Darkhotel (v2.1)
-
Kimsuky (v3.1)
Mobile
New Groups
-
Confucius (v1.1)
-
MoustachedBouncer (v1.0)
Minor Version Changes
-
Sandworm Team (v3.0→v3.1)
ICS
Major Version Changes
-
FIN7 (v2.2→v3.0)
-
Wizard Spider (v2.1→v3.0)
Minor Version Changes
-
Dragonfly (v3.1→v3.2)
-
Sandworm Team (v3.0→v3.1)
Campaigns
Enterprise
New Campaigns
Minor Version Changes
-
Operation Dream Job (v1.0→v1.1)
Mobile
ICS
New Campaigns
Assets
ICS
New Assets
-
Application Server (v1.0)
-
Control Server (v1.0)
-
Data Gateway (v1.0)
-
Data Historian (v1.0)
-
Field I/O (v1.0)
-
Jump Host (v1.0)
-
Remote Terminal Unit (RTU) (v1.0)
-
Routers (v1.0)
-
Safety Controller (v1.0)
-
Workstation (v1.0)
Mitigations
Enterprise
Minor Version Changes
-
Application Developer Guidance (v1.0→v1.1)
Mobile
New Mitigations
-
Antivirus/Antimalware (v1.0)
Minor Version Changes
-
Application Developer Guidance (v1.0→v1.1)
Patches
-
Interconnection Filtering (v1.0)
ICS
Minor Version Changes
-
Authorization Enforcement (v1.0→v1.1)
-
Human User Authentication (v1.0→v1.1)
Patches
-
Access Management (v1.0)
-
Account Use Policies (v1.0)
-
Antivirus/Antimalware (v1.0)
-
Audit (v1.0)
-
Boot Integrity (v1.0)
-
Code Signing (v1.0)
-
Communication Authenticity (v1.0)
-
Data Backup (v1.0)
-
Encrypt Network Traffic (v1.0)
-
Execution Prevention (v1.0)
-
Exploit Protection (v1.0)
-
Filter Network Traffic (v1.0)
-
Limit Hardware Installation (v1.0)
-
Multi-factor Authentication (v1.0)
-
Network Allowlists (v1.0)
-
Network Intrusion Prevention (v1.0)
-
Network Segmentation (v1.0)
-
Password Policies (v1.0)
-
Redundancy of Service (v1.0)
-
Restrict Library Loading (v1.0)
-
Restrict Web-Based Content (v1.0)
-
Software Configuration (v1.0)
-
Static Network Configuration (v1.1)
-
Supply Chain Management (v1.0)
-
Update Software (v1.0)
-
User Account Management (v1.0)
-
User Training (v1.0)
-
Validate Program Inputs (v1.0)
-
Vulnerability Scanning (v1.0)
Contributors to this release
-
Aaron Jornet
-
Adam Lichters
-
Adam Mashinchi
-
Ai Kimura, NEC Corporation
-
Alain Homewood
-
Alex Spivakovsky, Pentera
-
Amir Gharib, Microsoft Threat Intelligence
-
Andrew Northern, @ex_raritas
-
Arad Inbar, Fidelis Security
-
Austin Herrin
-
Ben Smith, @ezaspy
-
Bilal Bahadır Yenici
-
Blake Strom, Microsoft Threat Intelligence
-
Brian Donohue
-
Caio Silva
-
Christopher Peacock
-
Edward Stevens, BT Security
-
Ford Qin, Trend Micro
-
Giorgi Gurgenidze, ISAC
-
Goldstein Menachem
-
Gregory Lesnewich, @greglesnewich
-
Gunji Satoshi, NEC Corporation
-
Harry Kim, CODEMIZE
-
Harun Küßner
-
Hiroki Nagahama, NEC Corporation
-
Itamar Mizrahi, Cymptom
-
Jack Burns, HubSpot
-
Janantha Marasinghe
-
Jennifer Kim Roman, CrowdStrike
-
Joas Antonio dos Santos, @C0d3Cr4zy
-
Joe Gumke, U.S. Bank
-
Joe Slowik - Dragos
-
Joey Lei
-
Juan Tapiador
-
Liran Ravich, CardinalOps
-
Manikantan Srinivasan, NEC Corporation India
-
Martin McCloskey, Datadog
-
Matt Green, @mgreen27
-
Michael Raggi @aRtAGGI
-
Mohit Rathore
-
Naveen Devaraja, bolttech
-
Noam Lifshitz, Sygnia
-
Olaf Hartong, Falcon Force
-
Oren Biderman, Sygnia
-
Pawel Partyka, Microsoft Threat Intelligence
-
Phyo Paing Htun (ChiLai), I-Secure Co.,Ltd
-
Pooja Natarajan, NEC Corporation India
-
Sam Seabrook, Duke Energy
-
Serhii Melnyk, Trustwave SpiderLabs
-
Shailesh Tiwary (Indian Army)
-
Shankar Raman, Gen Digital and Abhinand, Amrita University
-
Sunders Bruskin, Microsoft Threat Intelligence
-
Tahseen Bin Taj
-
Thanabodi Phrakhun, @naikordian
-
The DFIR Report
-
Tim (Wadhwa-)Brown
-
Tom Simpson, CrowdStrike Falcon OverWatch
-
Tristan Madani (Cybereason)
-
TruKno
-
Uriel Kosayev
-
Vijay Lalwani
-
Will Thomas, Equinix
-
Yasuhito Kawanishi, NEC Corporation
-
Yoshihiro Kori, NEC Corporation
-
Yossi Weizman, Microsoft Threat Intelligence
3650
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
