Security News > 2020 > February > Fidelis Adds Risk Simulation and MITRE ATT&CK Mapping to Elevate Platform
"This allows me to understand the potential avenues for attack," explained Harber, "And allows me to improve the overall security of the network. Patching, for example. I may not be able to patch everything, but the risk simulation can highlight areas that I really ought to patch to protect downstream high value assets; or perhaps apply additional deception decoys and breadcrumbs along the potential attack route."
The risk simulator, potentially enhanced by knowledge of possible TTPs gleaned from the MITRE ATT&CK mapping where an intruder has already been detected on an endpoint, allows the analysts to engage in a variation of red team/blue team defending without the need to employ a separate white hat red team.
Since the intruder has already been detected, the ATT&CK mapping may have already identified likely candidates for the attack group, and indicated potential TTPs and targets.
The blue team can start from high value target assets and then use the risk simulator to assess the risk level associated with that target asset - and the possible inward paths that might be used by the attacker laterally moving in on the target.
"Fidelis Elevate provides a comprehensive solution that automatically detects in real-time individual attack techniques and alerts on critical technique sequences which give strong indications of both APTs and potential zero-day attacks, allowing threat hunters to proactively respond to attacks before it's too late."