
Multi-Source Analysis of Top MITRE ATT&CK® Techniques


“HOW WILL ADVERSARIES ATTACK US AND WHAT DEFENSES SHOULD WE PRIORITIZE?”

If you work in cybersecurity, chances are good you’ve asked—or been asked—a question like this one. The good news is that there’s more information available than ever before to help answer that question. But that doesn’t mean answering it is easy.

MITRE ATT&CK® is a knowledge base of adversary tactics and techniques based on real-world observations. Its purpose is to serve as a foundation for threat models and methodologies leading to more effective cybersecurity.

More and more cybersecurity industry reports include statistics on observed ATT&CK techniques. That gives defenders and decision-makers more data to work with, but it also makes it hard to establish consensus among the reports on which techniques are most common. Sources differ greatly in their visibility of ATT&CK, what they measure, how they report information, etc.

This study analyzes 22 public sources of ATT&CK statistics to find common trends among them. Our goal is to aid organizations in building a more threat-informed defense.
