What if most organizations are testing their security tools against the wrong threats entirely?As the leader behind the industry standard program that helps organizations understand how security tools perform against real-world threats, William Booth, General Manager and Director of MITRE's ATT&CK Evaluations, shares common misconceptions in adversary emulation, the gap between compliance and actual security effectiveness, and practical advice for security leaders trying to make sense of vendor claims and build truly effective defense strategies.0:00 Episode highlights and introduction0:56 How a money laundering investigation inspired William to enter the field6:11 What MITRE ATT&CK evaluations actually test and why participation matters23:07 Selecting the right adversary for emulation in your organization35:11 Compliance goes beyond security controls44:18 Browser attacks in ATT&CK evaluations58:37 AI's impact on evaluations and security tool performance1:10:07 Closing: advice for security leaders evaluating vendor claims🔔 Follow William and John on:https://www.linkedin.com/in/williambbooth/https://www.linkedin.com/in/johncarse/🔥 Powered by SquareXDeployed as a lightweight extension, SquareX turns any browser, on any device, into a secure enterprise browser. Find out more about SquareX at https://hubs.la/Q03rPcbf0

Ver todos los episodios