One of the most exciting, useful, and needed efforts in recent years for information security is the MITRE ATT&CK (Adversarial Tactics, Techniques & Common Knowledge) framework, a way to describe and categorize adversarial behaviors based on real-world observations. The goal of ATT&CK is to be a living dataset that is continuously updated with new information as soon as it can be verified by the industry, therefore enabling security teams to trust the information to be complete. It eliminates the worry of missing the important “unknown unknowns”.
Using the key ideas and strategies presented in this whitepaper, you can steer your SOC team in a positive, objective direction, one that is informed by threat intelligence. Thus, arming cyber defenders and giving them a better chance of defeating unwanted attacks.
Key points of discussion:
- What is MITRE ATT&CK? Why is it important?
- The MITRE ATT&CK knowledge base
- Using MITRE ATT&CK to improve operations
- Keys to success
- Common challenges
- Tools and resources
Guide your SOC team towards the road to success for the long term by leveraging the ATT&CK framework.