New tool allows organizations to customize their ATT&CK database

2021-06-23 09:00

MITRE Engenuity has released ATT&CK Workbench, an open source tool that allows organizations to customize their local instance of the MITRE ATT&CK database of cyber adversary behavior.

The tool allows users to add notes, and create new or extend existing objects - matrices, techniques, tactics, mitigations, groups, and software - with new content.

"For too long, sophisticated users of MITRE ATT&CK have struggled to integrate their organization's local knowledge of cyber adversaries and their tactics, techniques, and procedures with the public ATT&CK knowledge base," MITRE Engenuity noted.

At the moment, Workbench supports integrations with ATT&CK Website Repository, which allows users to see and navigate their customized knowledge base through the ATT&CK website, and ATT&CK Navigator Repository, a web-based tool for annotating and exploring ATT&CK matrices.

"To facilitate team collaboration, the Workbench includes features such as the ability to mark objects as 'work in progress,' 'awaiting review,' or 'reviewed,' and the ability to look through the history of an object to determine when a change was made and by whom," Isabel Tuson, MITRE ATT&CK Infrastructure Lead, and Jon Baker, Director of Research & Development, Center for Threat-Informed Defense at MITRE Engenuity, explained.

Sharing of ATT&CK-related information among organizations will streamline the process of staying synchronized with ATT&CK, allow users to integrate the latest from ATT&CK with intelligence extensions from other sources, and create structure and consistency for contributions to ATT&CK, they added.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/i7-J_9pNUP8/

#database