MITRE Releases an Update to The Common Weakness Enumeration (CWE)

MITRE has been doing exceptional work in advancing cybersecurity as a public good, and it is an excellent resource for security professionals. Possibly best known for their ATT&CK Framework, a rich source ...
The Tripwire Cybersecurity Podcast

Podcast Episode 3: How the MITRE ATT&CK Framework Can Improve Your Defenses

Listen and subscribe to our new podcast! Tripwire’s cybersecurity podcast features 20-minute conversations with the people who protect people from cyber threats. Hosted by Tripwire’s VP of Product Management and Strategy, Tim ...
What is the MITRE ATT&CK™ Framework?

The MITRE ATT&CK Framework: Impact

Not all attackers are trying to exfiltrate data. In security, we’re all familiar with CIA triad—confidentiality, availability, and integrity. While Exfiltration describes adversarial behavior with the goal of violating confidentiality, attackers may ...
ICS Mitre image 1

Introducing the New MITRE ATT&CK Framework for Industrial Control Systems

On January 7th, MITRE released ATT&CK for Industrial Control Systems, a taxonomy of real-world cyber adversarial behavior targeting ICS or industrial control systems. These systems operate critical infrastructure in manufacturing and utility ...

MITRE ATT&CK October Update: Extending to the Cloud

| | Cloud, MITRE ATT&CK, MITRE Framework
MITRE’s ATT&CK framework is ever evolving. The latest October update extends enterprise coverage to the cloud and adds a considerable list of cloud-specific adversarial techniques. The cloud has seen phenomenal growth over ...

ATT&CK Structure Part II: From Taxonomy to Ontology

In Part I, I described some structural problems in MITRE’s ATT&CK adversarial behavior framework. We looked at a couple of examples of techniques that vary greatly in terms of abstraction as well ...
MITRE ATT&CKcon 2018

ATT&CK Structure Part I: A Taxonomy of Adversarial Behavior

| | Attack, MITRE, MITRE Framework
Following last year’s exceedingly successful inaugural MITRE ATT&CK™ conference, this year’s highly anticipated ATT&CKcon 2.0 conference will be held from Oct 28-30 at MITRE’s McLean headquarters. MITRE’s always open to hearing feedback ...

MITRE ATT&CK April 2019 Update

MITRE has released an April 2019 update to its ATT&CK framework. It’s been a year since the last major update featuring a new tactic. There are a number of changes for this ...

How to Evade Detection: Hiding in the Registry

MITRE Corporation’s ATT&CK framework is a living, curated repository of adversarial tactics and techniques based on observations from actual attacks on enterprise networks. It’s a valuable trove of information for security analysts, ...

Fine-Tuning Cybersecurity with the ATT&CK Framework

This Thursday, March 7, 2019, I’ll be facilitating a Learning Lab titled Fine Tuning Your Cyber-Defense Technologies with the ATT&CK Framework at the 2019 RSA Conference in San Francisco, CA. This will ...