Making ATT&CK even better...

For those of you who have been following MITRE’s ATT&CK™, we have a blog post up https://www.mitre.org/capabilities/cybersecurity/overview/cybersecurity-blog/whats-next-for-attck? that outlines some of the exciting changes and enhancements that we’re rolling out in the first half of this year. The capsule version is this: ATT&CK is at the center of MITRE’s new Cyber Threat Intelligence strategy and as such we are making significant investments in ATT&CK. Some highlights include:

· Restructuring ATT&CK as a single knowledgebase across multiple platforms and all phases of the lifecycle.

· Building out the “launch” and “compromise” tactics, currently in PRE-ATT&CK™, to contain the level of technical detail present in Enterprise ATT&CK.

· Developing a more robust set of tooling, including an embeddable ATT&CK matrix visualization tool (the ATT&CK Navigator) and STIX™/TAXII™-based APIs.

· Perhaps most importantly, introducing a new strategy for operating ATT&CK in partnership with industry, with a more robust feedback and governance process that ensures ATT&CK is available and contains relevant, useful information for the long term.

These are exciting times for the ATT&CK community – I look forward to your feedback on where we are going.

Christophe Foulon, CISSP, GSLC, MSIT

Microsoft Cloud Security Coach | Helping SMBs Grow by Enabling Business-Driven Cybersecurity | Fractional vCISO & Cyber Advisory Services | Empowering Secure Growth Through Risk Management

5 months

Richard, thanks for sharing!

Patrick "Pat" Arvidson

Co-Founder | CTO | CSO | Advisor | Consulting

7 years

Richard, we need to talk soon. DoD and DHS through our work DoDCAR (formerly NSCSAR) and .govCAR, respectively, continue to incorporate the great work on ATT&CK in our NSA Technical Cyber Threat Framework. We are enjoying our great partnerships with MITRE, OMB, NIST and leading industry cloud providers to revolutionize Risk Management by including data-driven threat and incident Data.

Jenny Menna

Chief Security Officer at Sallie Mae

7 years

When are we going for pie so you can tell me about this?

Timothy King, CISSP

Program Information System Security Manager

7 years
