Security News

McAfee introduced MITRE ATT&CK into McAfee MVISION Cloud, the company's Cloud Access Security Broker, delivering a precise method to hunt, detect and stop cyberattacks on cloud services. This new integration gives SecOps teams a direct source of cloud vulnerabilities and threats mapped to the tactics and techniques of ATT&CK. McAfee is the first CASB provider to tag and visualize cloud security events within an ATT&CK. "Many SecOps teams leverage repeatable processes and frameworks such as ATT&CK to mitigate risk and respond to threats to their endpoints and networks, but so far cloud threats and vulnerabilities have presented an unfamiliar paradigm," said Rajiv Gupta, senior vice president and general manager of Cloud Security, McAfee.

MITRE's Center for Technology & National Security, created to enhance MITRE's engagement with senior government leadership, named five highly esteemed national security officials to its newly established advisory board. "CTNS builds on the experience and expertise of thousands of our nation's most respected scientific and engineering minds," said Bill LaPlante, senior vice president for the MITRE National Security Sector.

Guardicore unveiled new capabilities for its open source Infection Monkey breach and attack simulation tool, used by thousands to review and analyze how their environments may be vulnerable to lateral movement and attacks. The latest version of Guardicore Infection Monkey now maps its actions to the MITRE ATT&CK knowledge base, providing a new report with the utilized techniques and recommended mitigations, to help security and network infrastructure teams simulate APT attacks and mitigate real attack paths intelligently.

Guardicore's open source breach and attack simulation platform Infection Monkey now maps its attack results to the MITRE ATT&CK framework, allowing users to quickly discover internal vulnerabilities and rapidly fix them. Infection Monkey operates within organizations' existing environments, whether cloud, on prem, hypervisors or containers, and finds and maps lateral movement paths through the environment using real world exploits.

"This allows me to understand the potential avenues for attack," explained Harber, "And allows me to improve the overall security of the network. Patching, for example. I may not be able to patch everything, but the risk simulation can highlight areas that I really ought to patch to protect downstream high value assets; or perhaps apply additional deception decoys and breadcrumbs along the potential attack route." The risk simulator, potentially enhanced by knowledge of possible TTPs gleaned from the MITRE ATT&CK mapping where an intruder has already been detected on an endpoint, allows the analysts to engage in a variation of red team/blue team defending without the need to employ a separate white hat red team.

Gurucul, a leader in unified security and risk analytics technology for on-premises and the cloud, announced the Gurucul Risk Analytics platform has added and aligned machine learning models to detect and enable automated responses to adversarial tactics and techniques defined by the MITRE ATT&CK Framework. "Gurucul customers using the MITRE ATT&CK Framework confirmed that these new advanced behavior models have been able to detect unknown threats associated with high risk third parties including customers, partners and contractors, that evaded signature-based approaches," said Nilesh Dherange, CTO of Gurucul.

MITRE on Tuesday announced the initial release of a version of its ATT&CK knowledge base that covers the tactics and techniques used by malicious actors when targeting industrial control systems. The new ATT&CK for ICS knowledge base builds upon it in an effort to help critical infrastructure and other organizations whose environments house ICS. In addition to a matrix that provides an overview of the tactics and techniques used by adversaries, ATT&CK for ICS covers attack techniques in more detail, the malware used by threat actors, and the threat groups known to have launched ICS-related attacks.

MITRE Engenuity, a tech foundation for public good, announced the Center for Threat-Informed Defense, a collaboration with industry to improve cyber defense at scale through collaborative research...

American not-for-profit organization MITRE Corporation has announced the launch of a tech foundation focused on strengthening critical infrastructure through partnerships with the private sector. read more

MITRE has launched a tech foundation to advance its mission of solving problems for a safer world by working with the private sector to strengthen critical infrastructure. The foundation provides...