BSides:Munich 2022

BSides:Munich 2022 – Marcus Osterloh’s ‘Measuring Cyber Defense With The MITRE Framework’

Our thanks to BSides Munich for publishing their Presenter’s BSides:Munich 2022 outstanding security videos on the organization’s’ YouTube channel. Permalink ...

5 Things to Do with MITRE ATT&CK – Tips and Tricks Special

MITRE ATT&CK stands for MITRE Adversarial Tactics, Techniques and Common Knowledge. It’s a curated knowledge base of adversarial behavior based on real-world observation of APT campaigns. The original impetus for the project ...
2 White Tigers

MITRE ATT&CK July 2020 Update: Sub-Techniques!

The highly anticipated structural update to the MITRE ATT&CK framework was released July 8th, 2020. After a quiet first half of the year, it appears the ATT&CK team has been putting in ...

MITRE Releases an Update to The Common Weakness Enumeration (CWE)

MITRE has been doing exceptional work in advancing cybersecurity as a public good, and it is an excellent resource for security professionals. Possibly best known for their ATT&CK Framework, a rich source ...
The Tripwire Cybersecurity Podcast

Podcast Episode 3: How the MITRE ATT&CK Framework Can Improve Your Defenses

Listen and subscribe to our new podcast! Tripwire’s cybersecurity podcast features 20-minute conversations with the people who protect people from cyber threats. Hosted by Tripwire’s VP of Product Management and Strategy, Tim ...
What is the MITRE ATT&CK™ Framework?

The MITRE ATT&CK Framework: Impact

Not all attackers are trying to exfiltrate data. In security, we’re all familiar with CIA triad—confidentiality, availability, and integrity. While Exfiltration describes adversarial behavior with the goal of violating confidentiality, attackers may ...
ICS Mitre image 1

Introducing the New MITRE ATT&CK Framework for Industrial Control Systems

On January 7th, MITRE released ATT&CK for Industrial Control Systems, a taxonomy of real-world cyber adversarial behavior targeting ICS or industrial control systems. These systems operate critical infrastructure in manufacturing and utility ...

MITRE ATT&CK October Update: Extending to the Cloud

| | Cloud, MITRE ATT&CK, MITRE Framework
MITRE’s ATT&CK framework is ever evolving. The latest October update extends enterprise coverage to the cloud and adds a considerable list of cloud-specific adversarial techniques. The cloud has seen phenomenal growth over ...

ATT&CK Structure Part II: From Taxonomy to Ontology

In Part I, I described some structural problems in MITRE’s ATT&CK adversarial behavior framework. We looked at a couple of examples of techniques that vary greatly in terms of abstraction as well ...
MITRE ATT&CKcon 2018

ATT&CK Structure Part I: A Taxonomy of Adversarial Behavior

| | Attack, MITRE, MITRE Framework
Following last year’s exceedingly successful inaugural MITRE ATT&CK™ conference, this year’s highly anticipated ATT&CKcon 2.0 conference will be held from Oct 28-30 at MITRE’s McLean headquarters. MITRE’s always open to hearing feedback ...