Threat actors are constantly evolving their tactics and techniques behind the scenes to target new flaws in the attack lifecycle and infiltrate company infrastructure. While most organizations are already performing vulnerability management based on the CVE registry by MITRE, few have considered the powerful correlations between CVEs and another of their useful resources - the MITRE ATT&CK® framework.
The MITRE ATT&CK® framework was set up to document adversarial tactics and techniques based on real work observations. Since its inception, the MITRE ATT&CK matrix has provided an evolving list of behaviors attackers employ when compromising networks. This detailed research helps businesses better identify security gaps and strengthen defensive measures by studying attacker behavior.
What you’ll learn:
- What is the MITRE ATT&CK framework and how it relates to vulnerability management
- Understanding the different phases of the attack lifecycle in the MITRE ATT&CK matrix
- Mapping CVEs with the ATT&CK techniques
- Integrating MITRE ATT&CK framework to disrupt attack sequences and reduce risk