By Mapping Skills and Training to MITRE ATT&CK, Skill Levels Can be Visualized in Real-Time
MITRE ATT&CK (adversarial tactics, techniques and common knowledge) is a knowledge base of adversarial attack techniques. It has, so far, been used primarily by security vendors to check whether their products can detect specific attack processes, and by companies to check whether their defenses will prevent them.
Immersive Labs, a cybersecurity skills development firm, has now added a new twist — the integration of MITRE ATT&CK into its skills development platform. This means, says the firm, “organizations can map and manage specific people’s skills to actual risks.”
“The MITRE ATT&CK knowledge base,” explains Richard Struse, MITRE’s chief strategist for cyber threat intelligence, “provides a common language for the cybersecurity community to use when describing adversary behaviors. We continue to be inspired by the ways the entire community is using ATT&CK to improve their defenses.”
The problem with traditional teaching methods is that the knowledge taught cannot keep pace with the latest evolving attack methods. However, MITRE ATT&CK has become the de facto repository for the latest information discovered by the cybersecurity industry, which constantly battles malicious attackers. It is, by its nature, as up to date with the latest threats as possible.
Testing technology against these threats is relatively simple; but, comments James Hadley, CEO and co-founder of Immersive Labs, “it’s much harder to do against the skills of team members. By mapping skills and training to ATT&CK, organizations’ skill levels can be visualized in real-time, highlighting gaps or potential for increased investment and improving security teams’ ability to prevent and respond to events.”
By taking real-time feeds of the latest attack techniques into a gamified learning environment, the platform seeks to improve organizations’ skill pool in two specific areas. Firstly, it ensures that senior members of the security team have an understanding of the very latest threats, while secondly it allows for detection and targeted remediation of any general weaknesses in the talent pool.

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.
