How to Think Like a Hacker and Stay Ahead of Threats

To succeed as a cybersecurity analyst, you need to understand the traits, values, and thought processes of hackers, along with the tools they use to launch their attacks.

During a webinar called The Hacker Mindset, a Red Team Researcher shared how you can use some of these tools for your own detection and prevention of breaches. He also demonstrated how an attack takes place using the Follina exploit as an example.

So, what does “the hacker mindset” mean?

The hacker mindset can be characterized by three core values: a strong sense of curiosity, an adversarial attitude, and persistence.

3 core values of a hacker’s mindset


1. “Curiosity might have killed the cat, but it had nine lives.”

Curiosity drives hackers to explore and understand systems, networks, and software in order to identify vulnerabilities. Not only are they constantly seeking new knowledge and skills to improve their abilities and stay ahead of security measures, they’re constantly applying newly learned approaches, tricks, and techniques in different systems.


2. “Move fast and break things”

Although dramatically different in context from Facebook’s blitz-scaling motto, an adversarial attitude is a mindset that is always looking for ways to defeat security measures, challenge the status quo, and push the boundaries of what is possible.

Hackers are often driven by a desire to prove their own abilities and to test the limits of systems and networks. Hackers constantly ask themselves: “how can I break this?”, “how can I exploit this?”, “how can I bend this to my will and cause maximum damage?” Cybersecurity teams, on the flip side, are focused on protection. However, employing an adversarial mindset is an essential critical thinking tool that can help drastically improve the organization’s cyber posture by preemptively detecting and remediating vulnerabilities.


3. “Of course I struggle, I just don’t quit”

Persistence is an important trait for hackers as they often need to try multiple approaches and techniques in order to find a way into a system. They may encounter roadblocks and failures, but they don’t give up easily. They’ll continue to work until they have achieved their goal.

Often hackers remind themselves that cybersecurity teams need to identify and remediate all vulnerabilities while a hacker needs to find only one. The relentless pursuit of vulnerabilities is at their core.

Why understanding MITRE ATT&CK is key

MITRE ATT&CK is a systematic way of understanding and defending against cyber threats by identifying the methods and techniques that attackers use to gain access to systems and steal or damage data.

The framework describes the tactics, techniques, and procedures (TTPs) used by cyber attackers. It’s used to help organizations understand and defend against cyber threats.

The framework is divided into different “matrices” which cover various types of threats like enterprise, mobile, and industrial control systems. Each matrix lists the different TTPs that attackers may use, like initial access, execution, persistence, and data exfiltration.

The goal of the MITRE ATT&CK framework is to provide a common language and understanding of the tactics and techniques used by attackers. This allows organizations to better identify and prioritize their security efforts, and to develop more effective defenses against cyber threats.

If you understand the framework, you’re one step ahead in finding the right tools that will help you to gain visibility into critical assets like user data, endpoints, servers, and SaaS applications, allowing you to find the next vulnerability before it’s exploited by a hacker.

Want to learn more about getting into the hacker mindset? Check out the full recording of The Hacker Mindset here.
