The Cybersecurity and Infrastructure Security Agency (CISA), in
partnership with the Homeland Security Systems Engineering and
Development Institute (HSSEDI), has released Decider, a tool for
mapping adversary behavior to the MITRE ATT&CK
framework. HSSEDI is a federally funded research and development center
that is managed and operated by MITRE for the Department of Homeland
Security. HSSEDI worked with MITRE's ATT&CK team to develop Decider.
A companion to the recently updated Best Practices for MITRE ATT&CK Mapping Guide,
Decider helps network defenders, analysts, and researchers quickly and
accurately map adversary tactics, techniques, and procedures (TTPs) to
ATT&CK.
Decider makes ATT&CK mapping more accessible by walking users
through a series of guided questions about adversary activity. The new
tool helps cyber defenders determine correct tactics, techniques, or
sub-techniques that then inform a range of important activities such as
sharing the findings, discovering mitigations, and detecting further
techniques.
"The ATT&CK Framework is a proven approach to help organizations
more effectively prioritize cybersecurity controls and mitigations that
actively reduce the prevalence and impact of intrusions," said Eric
Goldstein, executive assistant director for cybersecurity, CISA. "We are
excited to continue our partnership with HSSEDI and MITRE in offering
the Decider tool to better guide ATT&CK mapping and help the
cybersecurity community accurately understand adversary activities and
make well-informed decisions that raise our collective defense."
"We are proud to partner with CISA to help cyber defenders take a more
adversary informed approach to protecting their networks," said Yosry
Barsoum, vice president and director, Center for Securing the Homeland
at MITRE. "With Decider, the greater cyber community will be better equipped to use ATT&CK."
Decider is a web application that must be hosted to be used.
Organizations can host Decider internally to save and share customized
mappings, questions, answers, and users per install. CISA does not offer
access to a running instance of Decider. Decider is currently
compatible with Enterprise ATT&CK versions 11.0 and 12.0.
Visit the CISA GitHub site to download Decider.