Over the last decade, the MITRE Corporation has grown its ATT&CK framework, which is a knowledge base of adversary behaviors that can help defenders in a variety of ways. MITRE has traditionally been focused on Advanced Persistent Threat (APT) groups but has been increasingly incorporating techniques and sub-techniques into ATT&CK that are used by cybercriminal groups. In this Studio 471, Patrick Howell O’Neill, who is a Lead Cyber Operations Analyst at MITRE, discusses these changes and why ATT&CK is useful to security professionals.
Participants:
Patrick Howell O’Neill, Lead Cyber Operations Analyst, MITRE Corporation
Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471