Take a deep dive with us into the incomparable MITRE ATT&CK Framework, a comprehensive knowledge base that catalogs real-world threat actor behaviors derived from threat intelligence.
Today’s guests are our great friends at MITRE ATT&CK, Adam Pennington (Attack Lead), and Patrick Howell O’Neill, (Lead Cyber Operations Analyst). They explore how the Framework serves as a common language for communicating adversary threat behaviors and discuss its evolution from an internal project to a community-driven resource.
The latest version of the MITRE ATT&CK Framework version 14 was released on Halloween, emphasizing new features like the addition of new defensive information and techniques they previously said no to including. They discuss the decision-making process behind incorporating new techniques, such as Financial Theft, Impersonation, Phishing: Spearphishing Voice, and Phishing for Information: Spearphishing Voice.
The conversation continues on the following topics:
[5:00] MITRE ATT&CK Framework
[9:25] Improving cybersecurity detection
[13:00] New ATT&CK techniques
[16:00] Decisions about which techniques to add
[23:00] Mobile ATT&CK
[30:00] Decisions about which trends to include
[37:00] Feedback about the Framework
Resources mentioned:
What is the MITRE ATT&CK Framework?
https://attack.mitre.org/
https://medium.com/mitre-attack/attack-v14-fa473603f86b
For more information, check out our website.
Article Link: MITRE ATT&CK Evolves with Cyber Threat Sophistication