MITRE Shield shows why deception is security’s next big thing
Security News, September 2020
Seasoned cybersecurity pros will be familiar with MITRE. Known for its MITRE ATT&CK framework, MITRE helps develop threat models and defensive methodologies for both the private and public sector cybersecurity communities.
MITRE recently expanded its portfolio with the release of MITRE Shield, an active defense knowledge base that captures and organizes security techniques in a way that is complementary to the mitigations featured in MITRE ATT&CK. The MITRE Shield framework focuses on active defense and adversary engagement, an approach that takes the passivity out of network defense.
MITRE defines active defense as ranging from "basic cyber defensive capabilities to cyber deception and adversary engagement operations," which "allow an organization to not only counter current attacks, but also learn more about that adversary and better prepare for new attacks in the future."
MITRE Shield currently contains 34 deception-based tactics, all mapped to one of MITRE's eight active defense categories: Channel, Collect, Contain, Detect, Disrupt, Facilitate, Legitimize and Test.
While a company doesn't have to use all of the deception-based tactics outlined in MITRE Shield to prevent attacks, low-interaction decoys are a good place to start and can be deployed in a matter of minutes.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/18uhS-hkh9o/