This post is a continuation of Part 1 - Evaluating Security Stack Resilience against Attack use cases - a suggested framework.
The following photos show some of the use cases (or playbooks) that demonstrate how Mandiant Security Validation (MSV) can be used to assess and enhance the effectiveness of security controls within an organization. Note: Unfortunately, the full list cannot fit in this post; if you want it, please DM me.
Network Security Stack Use cases
Endpoint Security Stack Use cases
These use cases are structured around specific objectives, applicable security controls, prerequisites, and the source and destination for each scenario. They also provide guidance on how to filter MSV content to execute the needed actions. While the use cases are designed with MSV in mind, they serve as a foundational guide for evaluating security controls either manually or using other security validation platforms.
Here's a simplified overview of the information from the use cases:
While the list of use cases provides detailed information on how to use MSV for security validation, the essence is that these use cases offer structured scenarios to test and improve the security posture of an organization. Each use case is designed to challenge specific aspects of the security infrastructure, ensuring that defenses are robust and capable of mitigating potential threats.