Using MITRE ATT&CK with cyber threat intelligence

The MITRE ATT&CK framework is a tool developed by the MITRE Corporation. It is designed to provide information about how a works and the various means that an attacker can carry out their goals at each stage of an .

MITRE ATT&CK is primarily a repository of information without a clear guide on work through and take advantage of it. Cyber threat intelligence provides this guidance, and MITRE ATT&CK offers a few tools to help organizations to use it to operationalize their threat intelligence.

MITRE ATT&CK groups

Cyber threat actors commonly operate in groups. Many cybersecurity organizations track advanced persistent threats (APTs), organized cybercrime groups and other . These groups are defined and tracked by identifying commonalities between cyberattack campaigns believed to originate from the same threat actors.

The MITRE ATT&CK Framework includes a listing of these groups. For each of the 110 groups currently tracked, MITRE ATT&CK includes a list of the Techniques and Software known to be used by these groups.

This enables an organization to leverage MITRE ATT&CK to develop defenses and mitigations based upon threat intelligence linked to various cyber threat groups. that a particular group is active and that

Read More: https://resources.infosecinstitute.com/topic/using-mitre-attck-with-cyber-threat-intelligence/