Using MITRE's ATT&CK Navigator for Gap Analysis
HTML-код
- Опубликовано: 11 сен 2024
- Cyber Threat Intelligence isn't just for the big companies! MITRE has built an open and expansive resource for all of us, and now we too can begin to leverage threat intelligence to improve our defenses and structure our operations. The Adversarial Tactics, Techniques, and Common Knowledge database (ATT&CK) helps us see not only the behaviors we can expect from the bad actors, but how we might mitigate the risk or detect their actions.
In this primer, we take a few minutes to get oriented and then set about evaluating some threat actors and their behaviors. After building that consolidated threat picture, we see how simple it is to compare that against defenses we have provisioned to help guide our future security efforts.
MITRE ATT&CK's Home Page: attack.mitre.org
ATT&CK Navigator (hosted): mitre-attack.g...
ATT&CK Navigator (for install): github.com/mit...
MITRE's Center for Threat-Informed Defense: ctid.mitre-eng...
Amazing resource explanation! Thank you! BTW - love the shirt
Great demo👌👍💯
Thanks for this mate
Really cool video! Can you share some examples of some successful attacks and how each layer of MITRE was used in it?
Hello Aniket! There are a lot of great threat intel blogs out there by Cisco and others that actually do exactly that. A great one to follow can be seen here: blog.talosintelligence.com/2021/08/vice-society-ransomware-printnightmare.html
Hey Mike, Thank you for wonderful video. I am comparing 2 APT group layers. Suppose, I want to select few techniques in an existing layer manually , how can i do that? I could not see any options to select additional techniques. Thanks in advance.
Assuming you have already selected some techniques via a Group search or something, you can click on additional techniques to add them in. The trick is to ensure you actually score or color those before you deselect them or move away from that tab.