logo
        • Who We Are
        • Learn more about MITRE Engenuity’s journey as a hub for transformative innovation.

        • How We Engage
        • We forge innovative partnerships to generate whole-of-nation solutions to complex technological problems.

        • Contact Us
        • Connect with a member of the MITRE Engenuity team and ensure your inquiry gets to the right people.

        • Cybersecurity
        • We are relentlessly advancing the art of threat-informed defense, anchored by a belief that we can improve our defenses with a systemic application of a deep understanding of adversary tradecraft and technology.

        • ATT&CK Evaluations
        • We offer objective analysis of cyber products and features – see our latest results.

        • Center for Threat-Informed Defense
        • Read more about the cutting-edge research and development being done with input from our participant organizations, featuring some of the top security operations centers.

        • Developing tomorrow's cyber workforce today.
        • News & Insights
        • We are leading the leading edge of innovation. Explore the latest news, insights, R&D, and special projects from our advanced tech experts and partners.

        • Subscribe to Our Newsletters
        • Our tech foundation is addressing the complex problems that face our nation today. Find out how you can join our efforts as we spur innovation for public good.

          Subscribe

Behind the Attack: Scott Busby

The ATT&CK Evaluations (Evals) team are a group of dedicated cybersecurity professionals with multiple decades of combined experience. Meet Scott Busby, the Red Team Operator Lead on the Evals team and one of the key minds behind development and execution of our emulation plans.

Scott Busby, a man with a beard, kneels next to a his daughter wearing a balloon hat on a lively street at night, with a Ferris wheel lit up in the background.

What is your role on the team?

My role involves leasing and training the red team operators in evaluations, as well as developing malware and red team components tailored for the evaluation.

What accomplishment are you most proud of on the Evaluations team?

I’m particularly proud of developing some of the malware components that help to enhance our evaluation process, as well as creating a stronger training program that helps our operators to more confidently step into their role.

How has your career led you to MITRE and your current role?

From the start of my career, I knew offensive security was my passion, though the path to get there wasn’t clear to me. Penetration testing became my primary job which eventually led me to explore Red Teaming and, ultimately malware development, where I found more challenge and creativity. My drive for growth and innovation eventually brought me to my current role at MITRE.

What skill – technical or soft – have you found useful in your current role?

My broad technical experience with various technologies has been invaluable in this role, allowing me to adapt to different environments. Additionally, my time as a consultant for small businesses, where I often wore many hats, has given me the needed versatility and problem-solving skills that consistently prove their worth in fast-paced, dynamic environments.

What’s an interesting trend in Cybersecurity

I find it fascinating that the video game industry (specifically anti-cheat technology and game hackers) often operates several years ahead of the broader cyber security industry. The tools and techniques developed to counter game hackers or evade anti-cheat are often cutting-edge and we eventually see them in practice several years later in the security industry.

I enjoy spending time with my daughter, staying active by working out, programming and problem-solving, working on cars, and gaming.

Interested in connecting with Scott? Follow him on LinkedIn