Security News

New Version of Infection Monkey Maps to MITRE ATT&CK Framework
2020-04-28 14:59

Guardicore's open source breach and attack simulation platform Infection Monkey now maps its attack results to the MITRE ATT&CK framework, allowing users to quickly discover internal vulnerabilities and rapidly fix them. Infection Monkey operates within organizations' existing environments, whether cloud, on prem, hypervisors or containers, and finds and maps lateral movement paths through the environment using real world exploits.

Fidelis Adds Risk Simulation and MITRE ATT&CK Mapping to Elevate Platform
2020-02-20 14:43

"This allows me to understand the potential avenues for attack," explained Harber, "And allows me to improve the overall security of the network. Patching, for example. I may not be able to patch everything, but the risk simulation can highlight areas that I really ought to patch to protect downstream high value assets; or perhaps apply additional deception decoys and breadcrumbs along the potential attack route." The risk simulator, potentially enhanced by knowledge of possible TTPs gleaned from the MITRE ATT&CK mapping where an intruder has already been detected on an endpoint, allows the analysts to engage in a variation of red team/blue team defending without the need to employ a separate white hat red team.

Gurucul Risk Analytics platform automates threat detection and response for MITRE ATT&CK Framework
2020-02-17 01:30

Gurucul, a leader in unified security and risk analytics technology for on-premises and the cloud, announced the Gurucul Risk Analytics platform has added and aligned machine learning models to detect and enable automated responses to adversarial tactics and techniques defined by the MITRE ATT&CK Framework. "Gurucul customers using the MITRE ATT&CK Framework confirmed that these new advanced behavior models have been able to detect unknown threats associated with high risk third parties including customers, partners and contractors, that evaded signature-based approaches," said Nilesh Dherange, CTO of Gurucul.

MITRE Releases ATT&CK Knowledge Base for Industrial Control Systems
2020-01-08 12:05

MITRE on Tuesday announced the initial release of a version of its ATT&CK knowledge base that covers the tactics and techniques used by malicious actors when targeting industrial control systems. The new ATT&CK for ICS knowledge base builds upon it in an effort to help critical infrastructure and other organizations whose environments house ICS. In addition to a matrix that provides an overview of the tactics and techniques used by adversaries, ATT&CK for ICS covers attack techniques in more detail, the malware used by threat actors, and the threat groups known to have launched ICS-related attacks.

MITRE Engenuity Center for Threat-Informed Defense improves cyber defense at scale
2019-11-15 03:30

MITRE Engenuity, a tech foundation for public good, announced the Center for Threat-Informed Defense, a collaboration with industry to improve cyber defense at scale through collaborative research...

New MITRE Foundation Aims to Boost Critical Infrastructure
2019-11-14 12:45

American not-for-profit organization MITRE Corporation has announced the launch of a tech foundation focused on strengthening critical infrastructure through partnerships with the private sector. read more

MITRE Engenuity to strengthen critical infrastructure
2019-11-14 01:00

MITRE has launched a tech foundation to advance its mission of solving problems for a safer world by working with the private sector to strengthen critical infrastructure. The foundation provides...

MITRE Publishes New List of Most Dangerous Software Weaknesses
2019-09-19 17:33

The MITRE Corporation this week published an updated list of the most dangerous software weaknesses and vulnerabilities. Known as the Common Weakness Enumeration (CWE) Top 25 Most Dangerous...

MITRE ATT@CK Used for Cybersecurity Skills Development
2019-09-04 12:35

By Mapping Skills and Training to MITRE ATT@CK, Skill Levels Can be Visualized in Real-Time read more

SentinelOne integrates the MITRE framework with its ActiveEDR and Ranger IoT capabilities
2019-08-05 01:30

SentinelOne, the autonomous endpoint protection company, announced new EDR capabilities that take its integration with the MITRE ATT&CK framework to the next level. Delivered via SentinelOne’s...