Everyone in the security community is familiar with the ATT&CK framework developed by MITRE. ATT&CK, which stands for Adversary, Tactics, Techniques, and Common Knowledge, is a comprehensive knowledge base of adversary behaviors used by threat actors across the threat lifecycle. While ATT&CK takes on the perspective of the adversary, there was no documented set of … [Read more...] about Q&A on the MITRE D3FEND Framework
MITRE
MITRE CTID Partnership Reveals Insider Threat Tactic
Remote working has exposed companies to greater levels of insider risk, which can result in data exfiltration, fraud and confidential information leakage CrowdStrike is a founding sponsor and lead contributor to the new MITRE Insider Threat Knowledge Base, continuing its industry leadership in protecting organizations from external attacks and internal threats The CrowdStrike … [Read more...] about MITRE CTID Partnership Reveals Insider Threat Tactic
MITRE ATT&CK: The Magic of Application Mitigations
“The eyes are the window to your soul.” Hmmm. How about a new twist? Applications are the window to your business. Like windows, applications tempt thieves and prying eyes. Securing them can be paneful (ugh, sorry). But we’ve got some great advice on protecting applications in the modern era. The evolution of today’s applications Let’s get this out of the way right now: Modern … [Read more...] about MITRE ATT&CK: The Magic of Application Mitigations
MITRE ATT&CK: The Magic of Segmentation
In cybersecurity, nation states, cyber criminals, hacktivists, and rogue employees are the usual suspects. They fit nicely into categories like external attackers or insider threats. But what about our essential suppliers, partners, and service providers? We rely on them, sometimes inviting them in to help manage our networks and internal systems. It’s easy to overlook them as … [Read more...] about MITRE ATT&CK: The Magic of Segmentation
MITRE ATT&CK: The Magic of User Training
October is National Cybersecurity Awareness Month, and this year the theme is “Do Your Part. #BeCyberSmart.” It reminds all of us — individuals and organizations alike — to be proactive and accountable. Cybersecurity is our shared responsibility, and we can do it together. At Cisco, we’re thrilled to contribute a monthlong roster of engaging events, activities, and educational … [Read more...] about MITRE ATT&CK: The Magic of User Training
MITRE ATT&CK: The Magic of Endpoint Protection
In our first blog, we introduced the Magic of Mitigations. They’re the key to getting started with MITRE ATT&CK. Now let’s look at some of the most magical ones, starting today with Behavior Prevention on Endpoint (M1040), Exploit Protection (M1050) and Execution Prevention (M1038). Wait, what’s the difference? At a quick glance, they might all sound about the same. So … [Read more...] about MITRE ATT&CK: The Magic of Endpoint Protection
MITRE ATT&CK: The Magic of Mitigations
That “aha!” moment doesn’t always happen right away. When learning new things, sometimes we need to slow down and take it all in. For me, understanding MITRE ATT&CK was like that. Sure, the notion of thinking like an attacker made sense, and its structure was clear. Then came the “now what?” moment. Soon I discovered the key to getting started. May I share it with … [Read more...] about MITRE ATT&CK: The Magic of Mitigations