Today, we’re excited to announce our partnership with Mitre.
For those not familiar with Mitre, it is the non-profit research and technology arm of the U.S. government. They are most well-known for their work with the Common Vulnerabilities and Exposures (CVE) systems. The National Cybersecurity FFRDC, operated by the MITRE Corporation, maintains our current CVE system today.
In 2015, Mitre introduced a new framework for post-compromise threat intelligence known as the Adversarial Tactics, Techniques & Common Knowledge (ATT&CK) Framework. ATT&CK is meant to provide comprehensive coverage across a range of post-compromise adversary techniques in a structured framework so defenders are aware of what else to look for, increasing the odds of detection and successful incident response. As described, by ATT&CK Framework project lead Blake Strom ”Moving beyond indicators, ATT&CK “connects-the-dots” between vulnerabilities and attacker tools and techniques to better visualize and mitigate compromise attempts.”
The ATT&CK framework objective to empower organizations to better understand the adversary and their own risks align well with SafeBreach. In fact, since we were founded in 2014, we’ve been working to educate organizations about the importance of thinking like a hacker.
As part of the partnership, we’ve been working with the Mitre team to add to the ATT&CK knowledgebase of adversarial intelligence with SafeBreach Labs unique research and insights. You can view more details about CTO and co-founder Itzik Kotler’s contribution in the wiki here.