MITRE

Blog-25-Mitre-Att&ck-Framework-BLOG

CISA-Sponsored CVE Program Grants Nozomi Networks CNA Status

| | All, Blog, CAN, cisa, CVE Numbering Authority, CVE Program, DHS, Labs Blogs, MITRE, OT & IoT Vulnerabilities
Nozomi Networks is a CVE Numbering Authority (CNA). The CVE Program is the international standard for identifying and naming cybersecurity vulnerabilities. The post CISA-Sponsored CVE Program Grants Nozomi Networks CNA Status appeared ...
Nozomi Networks
Blog-25-Mitre-Att&ck-Framework-BLOG

CISA-Sponsored CVE Program Grants Nozomi Networks CNA Status

| | All, Blog, CAN, cisa, CVE Numbering Authority, CVE Program, DHS, Labs Blogs, MITRE, OT & IoT Vulnerabilities
Nozomi Networks is a CVE Numbering Authority (CNA). The CVE Program is the international standard for identifying and naming cybersecurity vulnerabilities. The post CISA-Sponsored CVE Program Grants Nozomi Networks CNA Status appeared ...
Nozomi Networks

MITRE Releases an Update to The Common Weakness Enumeration (CWE)

| | CWE, MITRE, MITRE Framework
MITRE has been doing exceptional work in advancing cybersecurity as a public good, and it is an excellent resource for security professionals. Possibly best known for their ATT&CK Framework, a rich source ...
The State of Security
The Tripwire Cybersecurity Podcast

Podcast Episode 3: How the MITRE ATT&CK Framework Can Improve Your Defenses

| | MITRE, MITRE Framework, Podcast
Listen and subscribe to our new podcast! Tripwire’s cybersecurity podcast features 20-minute conversations with the people who protect people from cyber threats. Hosted by Tripwire’s VP of Product Management and Strategy, Tim ...
The State of Security
What is the MITRE ATT&CK™ Framework?

The MITRE ATT&CK Framework: Impact

| | ATT&CK, Featured Articles, Impact, MITRE, MITRE Framework
Not all attackers are trying to exfiltrate data. In security, we’re all familiar with CIA triad—confidentiality, availability, and integrity. While Exfiltration describes adversarial behavior with the goal of violating confidentiality, attackers may ...
The State of Security

Only Focused on Patching? You’re Not Doing Vulnerability Management

| | MITRE, patching, Threat Intelligence, Vulnerability Management
By Anthony Perridge, VP International, ThreatQuotientWhen I speak to security professionals about vulnerability management, I find that there is still a lot of confusion in the market. Most people immediately think I’m ...
IT Security Expert Blog
Top 25 Most Dangerous Vulnerabilities, Smart City Privacy, DuckDuckGo vs. Google Search

Top 25 Most Dangerous Vulnerabilities, Smart City Privacy, DuckDuckGo vs. Google

| | CVSS, CWE, Cybersecurity, DuckDuckGo, google, Hackers, MITRE, NIST, Podcast, Podcast Episodes, Privacy, Smart City, software, Vulnerabilities
In episode 94 of our monthly show for November 2019: The 25 most dangerous vulnerabilities, the privacy of new “smart cities”, and which search engine keeps your searches more private? It’s DuckDuckGo ...
Shared Security Podcast
SQL Injection loses #1 spot as most dangerous attack technique

SQL Injection loses #1 spot as most dangerous attack technique

| | CVE, CWE, DHS, Industry News, MITRE, OWSAP, Slider, SQL, sql injection, SQL injection attack
The Common Weakness Enumeration (CWE), a community-developed compilation of the most critical errors leading to vulnerabilities in software, has lowered SQL Injection from its #1 spot as the most dangerous attack technique ...
HOTforSecurity

SANS Blue Team Summit 2019, Jamie Williams’ ‘To Blue With ATT&CK-Flavored Love’

| | education, Information Security, MITRE, MITRE ATT&CK, SANS, SANS Blue Team Summit
Permalink ...
Infosecurity.US

ATT&CK Structure Part II: From Taxonomy to Ontology

| | ATT&CK, MITRE, MITRE Framework, onotology
In Part I, I described some structural problems in MITRE’s ATT&CK adversarial behavior framework. We looked at a couple of examples of techniques that vary greatly in terms of abstraction as well ...
The State of Security
Load more