Security News > 2021 > June > Microsoft hooks up with MITRE to map Azure's ATT&CK surface for 'proactive security'

MITRE's Centre for Threat-Informed Defence and Microsoft have jointly rolled out Security Stack Mappings for Azure, aimed at bringing the former's Adversarial Tactics, Techniques, and Common Knowledge framework into the latter's cloud platform - with rival platforms to follow.

The deal made Azure the first cloud platform to actively link to ATT&CK by mapping in-built security controls to the framework.

"With these resources we have established the foundation for systematically mapping security controls to ATT&CK and provided a critical resource for organisations to assess their Azure security control coverage against real-world threats as described in the ATT&CK knowledge base."

The project, dubbed Security Stack Mappings, sees each of the security controls provided by Microsoft's Azure platform mapped to ATT&CK threat techniques - in some cases, more than one.

"The mappings between the Azure security stack and ATT&CK establish a foundation for future innovation," Amon and Baker confirmed.

"Combining the framework with Azure serves up an extra layer of protection for organisations. As Microsoft and the rest of the industry now have a reliable way of repeatedly adding on the mapping of built in security controls, it will inevitably help against ATT&CK techniques."

News URL

https://go.theregister.com/feed/www.theregister.com/2021/06/30/microsoft_mitre_azure/