The Cybersecurity and Infrastructure Security Agency (CISA) has issued guidance to help network defenders better use the Mitre ATT&CK framework to analyze and report on cybersecurity threats.
Mitre said Wednesday CISA teamed up with the Homeland Security Systems Engineering and Development Institute – a federally funded research and development center operated by Mitre for the Department of Homeland Security – to develop the guidance.
The document, titled Best Practices for MITRE ATT&CK Mapping, provides cyberthreat intelligence analysts with tips, strategies and instructions for detecting adversary behaviors in raw data and finished reports.
“Our close and collaborative partnership with HSSEDI enabled us to produce a valuable resource to help entities apply ATT&CK, a framework that can build cyber defenses and resilience,” said Eric Goldstein, executive assistant director for cybersecurity at CISA.
Mitre’s ATT&CK framework is a knowledge base of tactics and techniques used by adversaries and can be used as a foundation to develop threat methodologies and models in government and the private sector.
“Successful applications of ATT&CK should produce an accurate and consistent set of mappings which can be used to develop adversary profiles, conduct activity trend analyses, and be incorporated into reporting for detection, response, and mitigation purposes,” the document reads.