Why the Mitre Engenuity ATT&CK Evaluations Matter for CISOs

0
131

[ad_1]

Why the Mitre Engenuity ATT&CK Evaluations Matter for CISOs

This 12 months’s MITRE Engenuity™ ATT&CK Analysis simulates strategies related to infamous risk teams Wizard Spider and Sandworm to check options’ means to detect and cease APT and Focused Assaults.
By: Pattern Micro

April 08, 2022

Learn time:  ( phrases)

Because the cyber assault floor continues to quickly increase, enterprises want a safety resolution that may assist organizations to higher perceive, talk, and mitigate cyber danger throughout their whole IT ecosystem. And with many choices in the marketplace, selecting the best product might be difficult. CISOs could make a extra knowledgeable determination by leveraging the MITRE Engenuity ATT&CK Evaluations and framework to guage the effectivity and effectiveness of market-leading safety options.
What’s the MITRE Engenuity ATT&CK Analysis?
By aligning to the MITRE ATT&CK framework, the MITRE Engenuity analysis supplies an entire story of the assault by testing an answer’s means to detect an adversary performing a focused assault. Evaluations performed by MITRE Engenuity don’t generate any rankings or rankings. Which means that, not like conventional testing, MITRE Engenuity is solely centered on the product’s safety efficacy and detection capabilities after a compromise has occurred.

Determine 1: Wizard Spider and Sandworm analysis, 180 ATT&CK strategies throughout 12 ATT&CK techniques are in scope for this analysis.
The MITRE ATT&CK framework is a invaluable device that helps the cybersecurity {industry} outline and standardize the right way to interpret an attacker’s method and supply a standard language to explain risk group behaviours.
2022 MITRE Engenuity Overview
On this 12 months’s analysis, MITRE Engenuity emulated Wizard Spider and Sandworm tradecraft operational flows, simulating the habits used within the wild by these infamous teams. Over the 2 situations, 109 attacker steps had been executed.
Much like the earlier 12 months, Pattern Micro’s cybersecurity platform confirmed spectacular outcomes.

Leveraging the evaluations and framework
CISOs can leverage the MITRE ATT&CK framework to inform an entire story that helps simplify safety communication throughout their group, present full protection visibility, and assess for gaps to find the place they might be weak to threats. Elevated visibility additionally helps you identify any protection overlaps, enabling you to optimize prices. After you’ve recognized your safety wants, you need to use the evaluations to match distributors and decide which options are finest suited to fill this hole.

When evaluating the efficiency of distributors, you will need to think about the hierarchy of detection varieties. There are 5 varieties recognized by MITRE ATT&CK:None: Whereas no detection info is given, it doesn’t imply that no detection occurred. Reasonably, it means it didn’t meet the required detection standards set by MITRE Engenuity.
Telemetry: Information was processed that reveals an occasion occurred associated to the method being detected.
Common: A common detection signifies that one thing was deemed suspicious, nevertheless it was not assigned to a particular tactic or method.
Tactic: A detection on tactic means the detection might be attributed to a tactical aim (e.g. credential entry).
Method: A detection on method means the detection might be attributed to a particular adversarial motion (e.g. credential dumping).

Seeing the complete safety image
Pattern Micro Imaginative and prescient One™ with industry-leading EDR and XDR capabilities  is a part of our unified cybersecurity platform, which helps organizations higher perceive, talk, and mitigate cyber danger throughout their whole assault floor. Extra visibility helps join the dots of the assault floor lifecycle, minimizing alert fatigue for safety groups and permitting them to concentrate on essential assaults.
Study extra in regards to the analysis and assault strategies used on our MITRE Engenuity ATT&CK useful resource web page.

Tags

sXpIBdPeKzI9PC2p0SWMpUSM2NSxWzPyXTMLlbXmYa0R20xk

[ad_2]