Strengthen Your Security Operations: MITRE ATT&CK Mapping in Cisco XDR
In the intricate dance between cyber attackers and defenders, understanding adversary behavior is the difference between keeping up with sophisticated attacks or falling behind the evolving threat landscape. For security teams, this often feels like trying to navigate a maze blindfolded since adversaries typically have greater insights into defender strategies than defenders …
ATTCK
How to Interpret the 2023 MITRE ATT&CK Evaluation Results
Sep 22, 2023 | The Hacker News | MITRE ATT&CK / Cybersecurity
Thorough, independent tests are a vital resource for analyzing providers' capabilities to guard against increasingly sophisticated threats to their organization. And perhaps no assessment is more widely trusted than the annual MITRE Engenuity ATT&CK Evaluation. This testing is critical for evaluating vendors …
How to Apply MITRE ATT&CK to Your Organization
Discover all the ways MITRE ATT&CK can help you defend your organization. Build your security strategy and policies by making the most of this important framework. What is the MITRE ATT&CK Framework? MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a widely adopted framework and knowledge base that outlines and categorizes the tactics, …
2022 MITRE ATT&CK Evaluation – Wizard Spider and Sandworm Edition
Threat actor groups like Wizard Spider and Sandworm have been wreaking havoc over the past few years – developing and deploying cybercrime tools like Conti, Trickbot, and Ryuk ransomware. Most recently, Sandworm (suspected to be a Russian cyber-military unit) unleashed cyberattacks against Ukrainian infrastructure targets. To ensure cybersecurity providers are battle ready, …
MITRE ATT&CK: The Magic of Application Mitigations
“The eyes are the window to your soul.” Hmmm. How about a new twist? Applications are the window to your business. Like windows, applications tempt thieves and prying eyes. Securing them can be paneful (ugh, sorry). But we’ve got some great advice on protecting applications in the modern era. The evolution of today’s applications Let’s get this out of the way right now: Modern …
MITRE ATT&CK: The Magic of Segmentation
In cybersecurity, nation states, cyber criminals, hacktivists, and rogue employees are the usual suspects. They fit nicely into categories like external attackers or insider threats. But what about our essential suppliers, partners, and service providers? We rely on them, sometimes inviting them in to help manage our networks and internal systems. It’s easy to overlook them as …
MITRE ATT&CK: The Magic of User Training
October is National Cybersecurity Awareness Month, and this year the theme is “Do Your Part. #BeCyberSmart.” It reminds all of us — individuals and organizations alike — to be proactive and accountable. Cybersecurity is our shared responsibility, and we can do it together. At Cisco, we’re thrilled to contribute a monthlong roster of engaging events, activities, and educational …
MITRE ATT&CK: The Magic of Endpoint Protection
In our first blog, we introduced the Magic of Mitigations. They’re the key to getting started with MITRE ATT&CK. Now let’s look at some of the most magical ones, starting today with Behavior Prevention on Endpoint (M1040), Exploit Protection (M1050) and Execution Prevention (M1038). Wait, what’s the difference? At a quick glance, they might all sound about the same. So …
MITRE ATT&CK: The Magic of Mitigations
That “aha!” moment doesn’t always happen right away. When learning new things, sometimes we need to slow down and take it all in. For me, understanding MITRE ATT&CK was like that. Sure, the notion of thinking like an attacker made sense, and its structure was clear. Then came the “now what?” moment. Soon I discovered the key to getting started. May I share it with …