Some people will want to know what MITRE ATT&CK is all about and what it can do within the cybersecurity field. Let's dig in for the sake of knowledge.

First, we need to know what MITRE ATT&CK is.

Brief about MITRE ATT&CK

MITRE ATT&CK is a globally accessible method that focuses on real-world observations of the latest cyberattacks. ATT&CK stands for Adversarial Tactics, Techniques, and Common Knowledge. Like other cybersecurity matrices, MITRE ATT&CK focuses on attack stages such as data theft or machine access control.

MITRE is a government-funded organization based in a few places such as Bedford, MA, and McLean, VA. The organization has been involved in a variety of commercial and top-secret projects for agencies.

Source: MITRE ATT&CK™ Framework

FUN FACT: MITRE is a creation of James McCormack, an early board member who wanted a name that meant nothing.

MITRE ATT&CK Objective

The objective of MITRE ATT&CK is to create a comprehensive list of the known adversary tactics and techniques used when a cyberattack occurs. It was also created as a standard taxonomy that makes communication among organizations more organised.

MITRE ATT&CK Usage for Organizations

Nowadays, there are many ways for an organization to make use of MITRE ATT&CK in its daily operational routines. Below are the ways an organization can choose from:

  • ATT&CK can be used in Adversary Emulation to create scenarios that fit the organization, so that it can test and verify that its protections work against common adversary techniques.
  • A Red Teaming plan can be produced from ATT&CK, and it helps organize the operation in terms of avoiding certain defensive measures that have been implemented within a network.
  • To detect adversarial behavior within an environment, ATT&CK can be used to construct and test Behavioral Analytics during their development.
  • ATT&CK can provide one measurement for a SOC Maturity Assessment, to determine how effective the SOC is at detecting, analyzing, and responding to intrusions.

Source: Sigma from scratch and MITRE attack
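To make the Behavioral Analytics and SOC Maturity Assessment items above concrete, here is an added example (not from the original post) that measures detection coverage per ATT&CK tactic. The rule inventory and the in-scope technique subset are constructed sample data; the `attack.tNNNN` tag style follows the Sigma rule convention, and sub-techniques are rolled up to their parent technique.

```python
import re
from collections import defaultdict

# Constructed scope: a small subset of ATT&CK Enterprise techniques an
# organization might prioritize, as technique ID -> (name, tactic).
IN_SCOPE = {
    "T1566": ("Phishing", "initial-access"),
    "T1059": ("Command and Scripting Interpreter", "execution"),
    "T1053": ("Scheduled Task/Job", "persistence"),
    "T1547": ("Boot or Logon Autostart Execution", "persistence"),
    "T1003": ("OS Credential Dumping", "credential-access"),
    "T1041": ("Exfiltration Over C2 Channel", "exfiltration"),
}

# Constructed detection-rule inventory with Sigma-style ATT&CK tags.
RULES = [
    {"title": "Encoded PowerShell command line", "tags": ["attack.execution", "attack.t1059.001"]},
    {"title": "LSASS memory access", "tags": ["attack.t1003.001"]},
    {"title": "Scheduled task created via schtasks", "tags": ["attack.t1053.005"]},
    {"title": "Legacy rule without technique", "tags": ["attack.execution"]},
]

TAG_RE = re.compile(r"^attack\.(t\d{4})(?:\.\d{3})?$", re.IGNORECASE)

def technique_ids(tags):
    """Extract parent technique IDs from tags; tactic-only tags are ignored."""
    return {m.group(1).upper() for m in map(TAG_RE.match, tags) if m}

def coverage_by_tactic(rules, scope):
    """Return ({tactic: {"covered": [...], "missing": [...]}}, rules lacking a technique tag)."""
    covered, no_technique = set(), []
    for rule in rules:
        ids = technique_ids(rule["tags"])
        if not ids:
            no_technique.append(rule["title"])  # cannot be counted toward coverage
        covered |= ids.intersection(scope)
    report = defaultdict(lambda: {"covered": [], "missing": []})
    for tid, (_name, tactic) in sorted(scope.items()):
        report[tactic]["covered" if tid in covered else "missing"].append(tid)
    return dict(report), no_technique

def coverage_percent(report):
    """Overall share of in-scope techniques with at least one rule."""
    covered = sum(len(v["covered"]) for v in report.values())
    total = covered + sum(len(v["missing"]) for v in report.values())
    return round(100 * covered / total, 1) if total else 0.0

if __name__ == "__main__":
    report, no_technique = coverage_by_tactic(RULES, IN_SCOPE)
    for tactic, result in report.items():
        print(f"{tactic:18} covered={result['covered']} missing={result['missing']}")
    print("overall:", coverage_percent(report), "% | untagged rules:", no_technique)
```

A rule count alone overstates maturity: a technique is only as covered as its weakest rule, so the "missing" lists are the more useful output for planning emulation tests.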

By Wan Ariff

He brings with him working experience in the Information Security field, specializing in Penetration Testing and Digital Forensics. His passion is IT Security.
