Enterprise security teams are faced with a growing problem. Advanced adversaries are winning the war, stealing data at will and wreaking havoc on corporate networks. Using sophisticated tools and techniques, cyber criminals are launching targeted attacks that successfully bypass the security controls of most security programs. Staying several steps ahead of configuration, vulnerability, and patch management programs, these threat actors have proven over and over again that they are able to break even the best defensive strategies. By the time most software vendors release new patches and best practices, it's too late. The attackers have either found a new way to avoid detection or have already taken what they wanted and moved on.
The MITRE ATT&CK™ Matrix is the most comprehensive framework of tactics and techniques. It represents a new way of thinking about cybersecurity: offensive thinking. Traditional security programs that rely on acquiring an ever-growing set of tools that update regularly are simply ineffective at stopping sophisticated threat actors. In order to stop an enemy, one must learn to think like the enemy.
By automating the creation of the MITRE Heatmap of adversarial tactics and techniques, FireDrill's MITRE ATT&CK Module allows security teams to view their infrastructure the same way their adversaries do. Security teams can see exactly how their defenses measure up against each step in the opposition's strategy, identifying gaps and enabling teams to minimize risk.
An offensive strategy is needed to complement your defense and to uncover vulnerabilities before someone else does. This is exactly why we’ve created the MITRE ATT&CK Module for AttackIQ FireDrill.
1) Create your assessment using the MITRE ATT&CK template in FireDrill and add assets to test against.
2) Select Scenarios using the MITRE ATT&CK Matrix, with free-text search or the predefined filters.
3) Run your assessment.
4) View your MITRE ATT&CK Heatmap.