Security News

Guardicore unveiled new capabilities for its open source Infection Monkey breach and attack simulation tool, used by thousands to review and analyze how their environments may be vulnerable to lateral movement and attacks. The latest version of Guardicore Infection Monkey now maps its actions to the MITRE ATT&CK knowledge base, providing a new report with the utilized techniques and recommended mitigations, to help security and network infrastructure teams simulate APT attacks and mitigate real attack paths intelligently.

Guardicore's open source breach and attack simulation platform Infection Monkey now maps its attack results to the MITRE ATT&CK framework, allowing users to quickly discover internal vulnerabilities and rapidly fix them. Infection Monkey operates within organizations' existing environments, whether cloud, on prem, hypervisors or containers, and finds and maps lateral movement paths through the environment using real world exploits.

"This allows me to understand the potential avenues for attack," explained Harber, "And allows me to improve the overall security of the network. Patching, for example. I may not be able to patch everything, but the risk simulation can highlight areas that I really ought to patch to protect downstream high value assets; or perhaps apply additional deception decoys and breadcrumbs along the potential attack route." The risk simulator, potentially enhanced by knowledge of possible TTPs gleaned from the MITRE ATT&CK mapping where an intruder has already been detected on an endpoint, allows the analysts to engage in a variation of red team/blue team defending without the need to employ a separate white hat red team.

Gurucul, a leader in unified security and risk analytics technology for on-premises and the cloud, announced the Gurucul Risk Analytics platform has added and aligned machine learning models to detect and enable automated responses to adversarial tactics and techniques defined by the MITRE ATT&CK Framework. "Gurucul customers using the MITRE ATT&CK Framework confirmed that these new advanced behavior models have been able to detect unknown threats associated with high risk third parties including customers, partners and contractors, that evaded signature-based approaches," said Nilesh Dherange, CTO of Gurucul.

MITRE on Tuesday announced the initial release of a version of its ATT&CK knowledge base that covers the tactics and techniques used by malicious actors when targeting industrial control systems. The new ATT&CK for ICS knowledge base builds upon it in an effort to help critical infrastructure and other organizations whose environments house ICS. In addition to a matrix that provides an overview of the tactics and techniques used by adversaries, ATT&CK for ICS covers attack techniques in more detail, the malware used by threat actors, and the threat groups known to have launched ICS-related attacks.

MITRE Engenuity, a tech foundation for public good, announced the Center for Threat-Informed Defense, a collaboration with industry to improve cyber defense at scale through collaborative research...

American not-for-profit organization MITRE Corporation has announced the launch of a tech foundation focused on strengthening critical infrastructure through partnerships with the private sector. read more

MITRE has launched a tech foundation to advance its mission of solving problems for a safer world by working with the private sector to strengthen critical infrastructure. The foundation provides...

The MITRE Corporation this week published an updated list of the most dangerous software weaknesses and vulnerabilities. Known as the Common Weakness Enumeration (CWE) Top 25 Most Dangerous...

By Mapping Skills and Training to MITRE ATT@CK, Skill Levels Can be Visualized in Real-Time read more