Source |
CSO |
Identifier |
1831111 |
Publication date |
2020-07-21 10:14:00 (seen: 2020-07-29 14:05:44) |
Title |
BrandPost: How to Get Broader, Deeper MITRE Attack Coverage by Using EDR and NDR Together |
Text |
The MITRE ATT&CK Framework has rapidly become the go-to lens through which security operations teams view their ability to detect attacker tactics, techniques, and procedures (TTPs). The ATT&CK Framework comprises 266 (and counting) TTPs across 12 tactic categories from initial compromise through maintaining persistence, defense evasion, and finally impact, spanning the course of a full cyberattack campaign. When enterprise SecOps teams start using MITRE ATT&CK, they gain a clearer view of which attack tactics they're able to detect, and which might fly under the radar or evade their defenses and eventually lead to a breach. Understanding these gaps in their defenses makes it easier to understand where to invest security budget, and how to update policies and procedures to fill those gaps. |
Sent |
Yes |
Tags |
Guideline
|