5 matches found
The SOC files: Chasing the web shell
Web shells have evolved far beyond their original purpose of basic remote command execution, and many now function more like lightweight exploitation frameworks. These tools often include features such as in-memory module execution and encrypted command-and-control (C2) communication, giving...
James Nutland studies what makes threat actors tick, growing our understanding of the current APT landscape
If state-sponsored actors are after one thing, it's to spread fear and uncertainty across the internet. There's always money to be made targeting individual businesses and organizations, but for James Nutland's work, it's always about the bigger picture. And his background in studying counterterroris...
How to Apply MITRE ATT&CK to Your Organization
Discover all the ways MITRE ATT&CK can help you defend your organization. Build your security strategy and policies by making the most of this important framework. What is the MITRE ATT&CK Framework? MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a widely adopted framework...
CISA Updates Best Practices for Mapping to MITRE ATT&CK®
Today, CISA updated Best Practices for MITRE ATT&CK® Mapping. The MITRE ATT&CK® framework is a lens through which network defenders can analyze adversary behavior and, as CISA Executive Assistant Director Eric Goldstein noted in his June 2021 blog post on the framework, it directly supports...
CISA Releases Best Practices for Mapping to MITRE ATT&CK®
As part of an effort to encourage a common language in threat actor analysis, CISA has released Best Practices for MITRE ATT&CK® Mapping. The guide shows analysts—through instructions and examples—how to map adversary behavior to the MITRE ATT&CK framework. CISA created this guide in partnership...