Category: attck
Intelligence Failures of Lincoln’s Top Spies: What CTI Analysts Can Learn From the Civil War
Selena Larson · Mar 29 · 9 min read. Guest Post by ATT&CKcon 3.0 Keynote Speaker, Selena Larson. Image: Allan Pinkerton (Alexander Gardner — Library of Congress). At the onset of the Civil…
ATT&CK 2022 Roadmap
Where We’ve Been and Where We’re Going. Amy L. Robertson · Feb 2 · 7 min read. In 2021, as we navigated a pandemic and moved into a new normal, we continued evolving…
What’s New in ATT&CK v9?
Jamie Williams · Apr 29 · 6 min read. By Jamie Williams (MITRE), Jen Burns (MITRE), Cat Self (MITRE), and Adam Pennington (MITRE). As we promised in the ATT&CK 2021 Roadmap, today…
ATT&CK 2021 Roadmap
Amy L. Robertson · Mar 16 · 9 min read. A review of how we navigated 2020 and where we’re heading in 2021. With the monumental disruptions, challenges, and hybrid work environments…
Defining ATT&CK Data Sources, Part II: Operationalizing the Methodology
Jose Luis Rodriguez · Oct 20, 2020 · 9 min read. In Part I of this two-part blog series, we reviewed the current state of the data sources and an initial approach…
Defining ATT&CK Data Sources, Part I: Enhancing the Current State
Jose Luis Rodriguez · Sep 10, 2020 · 10 min read. Figure 1: Example of Mapping of Process Data Source to Event Logs. Discussion around ATT&CK often involves tactics, techniques, procedures, detections, and…
Actionable Detections: An Analysis of ATT&CK Evaluations Data Part 2 of 2
Jamie Williams · Jun 18, 2020 · 8 min read. In part 1 of this blog series, we introduced how you can break down and understand detections by security products. When analyzing…