https://www.cyberscoop.com/mitre-attck-framework-experts-advocate/
By Zaid Shoorbajee
cyberscoop
OCT 23, 2018
Different cybersecurity companies have their own unique ways of talking
about the threats they track. That can be frustrating when they need to
share critical information about APT28, Fancy Bear, Sofacy or STRONTIUM --
all of which are names used by different companies for one prominent
Russian hacking group.
Experts say that the "ATT&CK" framework -- a model for organizing detailed
information about how a threat group behaves -- has been gaining in
popularity and helping organizations share threat intelligence.
MITRE Corp., a federally funded nonprofit organization that manages
public-private technology partnerships, started developing ATT&CK in 2013.
The group says the framework has ballooned into a popular way for people
performing different roles in cybersecurity to speak the same language.
MITRE held its first ever ATT&CKcon on Tuesday in McLean, Virginia, where
various vendors convened to discuss how the framework has streamlined
their practice of threat intelligence sharing.
ATT&CK provides defenders with spreadsheet-style matrices that structure
the way one can talk about an attacker’s tactics, techniques and
procedures (TTP). The tables include different observable methods of
persistence, exfiltration, lateral movement and other granular pieces of
information.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
