Most common MITRE ATT&CK tactics and techniques: CISA shares most common RVAs


CISA has released a list of Risk and Vulnerability Assessments, or RVAs, to the MITRE ATT&CK Framework and have released their findings to the public in a data-packed report. It breaks down the different tactics and techniques observed over the course of 44 RVAs and reports the percentage of time that they were successful across all RVAs. 

This article will detail the report and will explore how RVAs map to MITRE and will walk through some select tactics and techniques within each of the categories of MITRE ATT&CK.

CISA encourages those working as network administrators and IT professionals to examine the infographic and to apply the defensive strategies it recommends to safeguard against the tactics and techniques contained within.

How the RVAs map to the MITRE ATT&CK Framework

Upon request, CISA will perform an onsite assessment where they identify vulnerabilities that can be potentially exploited to compromise the organization’s security controls, which is the RVA. CISA then maps the RVA to the MITRE ATT&CK Framework by combining what was learned in the assessment with national threat information. The end result is a tailored risk analysis report for the organization requesting it, and the grand sum of the whole

Read More: