Archive for the ‘Attack Matrix’ Category

Mitre shared 2022 CWE Top 25 most dangerous software weaknesses

MITRE shared the list of the 2022 top 25 most common and dangerous weaknesses, which could help organizations assess their internal infrastructure and determine their attack surface. The presence of these vulnerabilities within the infrastructure of an organization could potentially expose it to a broad range of attacks. “Welcome to the 2022 Common Weakness Enumeration […]


MITRE ATT&CK Framework Explained: Why it Matters

We all know that cyberthreats have become more frequent, stealthier and more sophisticated. What’s more, the traditional, reactive approach to detecting threats by hunting indicators of compromise (IoCs) using markers like IP addresses, domains and file hashes is quickly becoming outdated: threats are only detected once a compromise is achieved and attackers are readily able to alter these markers to evade detection. To overcome this issue, the cybersecurity community came up with the concept of anomaly-based detection, a […]


Best Practice for Mitre Attack mapping


Best Practice for Mitre Att&ck Mapping

MITRE ATT&CK for dummies How to Improve Threat Detection and Hunting in the AWS Cloud Using the MITRE ATT&CK® Matrix


MITRE ATT&CK Update Covers Insider Threat Attack Techniques

Unmasking/Uncovering the Real Insider Threat According to the Verizon 2021 Data Breach Investigations Report, insiders are responsible for around 22% of security incidents. That is clearly a significant number and insider threats are quickly becoming one of the most common cybersecurity threats organizations face today. The challenge that continues to remain high with insider threats is […]


CVE + MITRE ATT&CK® to Understand Vulnerability Impact

Historically, vulnerability management and threat management have been separate disciplines, but in a risk-focused world, they need to be brought together. Defenders struggle to integrate vulnerability and threat information and lack a consistent view of how adversaries use vulnerabilities to achieve their goals. Without this context, it is difficult to appropriately prioritize vulnerabilities. To bridge […]


Released: MITRE ATT&CK v10

MITRE Corporation has released the tenth version of ATT&CK, its globally accessible (and free!) knowledge base of cyber adversary tactics and techniques based on real-world observations. Version ten comes with new Data Source objects, new and changed techniques in its various matrices, key changes to facilitate hunting in ICS environments, and more. MITRE ATT&CK v10 […]


New tool allows organizations to customize their ATT&CK database

MITRE Engenuity has released ATT&CK Workbench, an open source tool that allows organizations to customize their local instance of the MITRE ATT&CK database of cyber adversary behavior. The tool allows users to add notes, and create new or extend existing objects – matrices, techniques, tactics, mitigations, groups, and software – with new content. It also allows them to share […]


ATT&CK® for Containers now available!

We’re excited to announce the official release of ATT&CK for Containers! This release marks the culmination of a Center for Threat-Informed Defense (Center) research project sponsored by Citigroup, JPMorgan Chase, and Microsoft that investigated the viability of adding container-related techniques into ATT&CK. This investigation led to developing a draft of an ATT&CK for Containers matrix, which we contributed to […]


How do I select an attack detection solution for my business?

When selecting an attack detection solution, no single product will provide the adequate detection needed that is required to detect and defend against the current advanced threat landscape. The holistic aspect of defending against threat actors requires technology, expertise, and intelligence. The technology should be a platform of integrated technologies providing detection at each point […]


Translating TTPs into Actionable Countermeasures | All-Around Defenders

Ismael Valenzuela (McAfee/SANS) and Vicente Diaz (Threat Intel Strategist at Virustotal) SANS Institute’s #SEC530 course co-authored by Ismael Valenzuela (@aboutsecurity), providing students access to VTIntelligence to help them make TTPs actionable. MITRE Enterprise ATT&CK Framework Comparing Layers in ATT&CK Navigator – MITRE ATT&CK®


MITRE ATT&CK® Framework

MITRE ATT&CK® is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community. With the creation of ATT&CK, MITRE is fulfilling […]


The MITRE Att&CK Framework

A recent article from Gartner states that, “Audit Chiefs Identify IT Governance as Top Risk for 2021.” I agree that IT governance is important but I question how much does the IT governance board understand about the day-to-day tactical risks such as the current threats and vulnerabilities against a company's attack surface? How […]


Get More Value from NIST CSF, MITRE ATT&CK and COSO ERM with RiskLens

MITRE ATT&CK matrices MITRE ATT&CK is a tool to help cybersecurity teams get inside the minds of threat actors to anticipate their lines of attack and most effectively position defenses. MITRE ATT&CK works synergistically with FAIR to refine a risk scenario (“threat actor uses a method to attack an asset resulting in a loss”). Enter […]


Attempted Attack Matrix

Use ATT&CK to map defenses and understand gaps The natural inclination of most security teams when looking at MITRE ATT&CK is to try and develop some kind of detection or prevention control for each technique in the enterprise matrix. While this isn’t a terrible idea, the nuances of ATT&CK make this approach a bit dangerous […]
