Posted in Information Security

MITRE ATT&CK Knowledge

   Published Date: June 8, 2020

Some people will have an urge to know what is MITRE ATT&CK all about and what those methods can do within the cybersecurity field. Let’s dig more for knowledge purpose

Firstly, we need to know What is MITRE ATT&CK.

Brief about MITRE ATT&CK

MITRE ATT&CK is a method where it can be accessible from globally which will focus on real-world observations of the latest cyberattack. ATT&CK word stands for Adversarial Tactics, Techniques, and Common Knowledge. Like other cybersecurity matrices, MITRE ATT&CK has a focus on attack stages such as data theft or any machine access control level.

MITRE is an organization that been funded by the government which is based in a few places such as Bedford, MA, and VA (McLean). The organization has been involved in a variety of commercial and top-secret projects for agencies.

Source: MITRE ATT&CK™ Framework

FUN FACTS: MITRE is a creation of James McCormack who is an early board member where wanted a name that meant nothing.

MITRE ATT&CK Objective

The objective of MITRE ATT&CK is that for a comprehensive list of known adversary tactics and techniques been created when a cyberattack occurs. It has also been created for a standards taxonomy which will make it more organised for communication among organizations.

MITRE ATT&CK Usage for Organizations

Nowadays, there is a lot of ways for an organization to make use of MITRE ATT&CK in their daily operation’s routines. Below are the way that organization can choose from:

  • ATT&CK can be used in Adversary Emulation to create scenarios that fit the organization where they will test and verify protection that works against any common adversary techniques.
  • Red Teaming plan can be produced via ATT&CK and it will manage the operations in terms of avoiding certain defensive measures that been implemented within a network.
  • In terms of detecting any adversarial behavior within an environment, Behavioral Analytics will be created where it can be used to construct and test the development process
  • To see how effective a SOC Maturity Assessment process is in detecting, analyzing, and responding to any intrusions can be determined by created one measurement from ATT&CK.

Source: Sigma from scratch and MITRE attack

Author: Wan Ariff

He brings with him working experience in Information Security filed which specializing in Penetration Testing and Digital Forensic. His passion is more to IT Security

Leave a Reply

Your email address will not be published. Required fields are marked *