9 matches found
How to Apply MITRE ATT&CK to Your Organization
Discover all the ways MITRE ATT&CK can help you defend your organization. Build your security strategy and policies by making the most of this important framework. What is the MITRE ATT&CK Framework? MITRE ATT&CK Adversarial Tactics, Techniques, and Common Knowledge is a widely adopted framework...
Decider - A Web Application That Assists Network Defenders, Analysts, And Researcher In The Process Of Mapping Adversary Behaviors To The MITRE ATT&CK Framework
What is it? The Short A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework. The Long Decider is a tool to help analysts map adversary behavior to the MITRE ATT&CK framework. Decider makes creating...
Chain-Reactor - An Open Source Framework For Composing Executables That Simulate Adversary Behaviors And Techniques On Linux Endpoints
Chain Reactor is an open-source tool for testing detection and response coverage on Linux machines. The tool generates executables that simulate sequences of actions like process creation and network connection. Chain Reactor assumes no prior engineering experience; the tool consumes JSON, so...
Kill chains: Part 2→Strategic and tactical use cases
Let’s redefine In our new blog series, we want to contextualize the term “kill chain” as much as possible. Make sure to read the first entry in this series, Kill chains: Part 1→Strategic and operational value, for a general overview of kill chains and the specific frameworks we’ve discussed. We...
New Framework Released to Protect Machine Learning Systems From Adversarial Attacks
Microsoft, in collaboration with MITRE, IBM, NVIDIA, and Bosch, has released a new open framework that aims to help security analysts detect, respond to, and remediate adversarial attacks against machine learning ML systems. Called the Adversarial ML Threat Matrix, the initiative is an attempt to...
Cyberattacks against machine learning systems are more common than you think
Machine learning ML is making incredible transformations in critical areas such as finance, healthcare, and defense, impacting nearly every aspect of our lives. Many businesses, eager to capitalize on advancements in ML, have not scrutinized the security of their ML systems. Today, along with...
ezEmu - Simple Execution Of Commands For Defensive Tuning/Research
ezEmu enables users to test adversary behaviors via various execution techniques. Sort of like an "offensive framework for blue teamers ", ezEmu does not have any networking/C2 capabilities and rather focuses on creating local test telemetry. Windows See /Linux for ELF ezEmu is compiled as...
How to Mature Your Threat Hunting Program with the ATT&CK™ Framework
John Wunder, Principal Cybersecurity Engineer at MITRE spoke in a recent webinar about how the ATT&CK framework is a knowledgebase of adversary behaviors, describing the things that are tough for the adversary to change – those at the top of David J. Bianco’s influential Pyramid of Pain. Wunder...
Top 5 Threat Hunting Myths: “Threat Hunting Isn’t Worth My Time”
The cybersecurity landscape is in a constant state of change and, as many organizations have learned, it’s no longer a matter of if you’ll face a cyberattack, but when. In today’s world, attackers intentionally look normal to evade automated defenses. With the rise of ransomware, fileless and...