MITRE ATT&CK Evolves with Cyber Threat Sophistication
DISCARDED: Tales From the Threat Research Trenches - A podcast by Proofpoint
Take a deep dive with us into the incomparable MITRE ATT&CK Framework, a comprehensive knowledge base that catalogs real-world threat actor behaviors derived from threat intelligence. Today’s guests are our great friends at MITRE ATT&CK, Adam Pennington (Attack Lead) and Patrick Howell O’Neill (Lead Cyber Operations Analyst). They explore how the Framework serves as a common language for communicating adversary threat behaviors and discuss its evolution from an internal project to a community-driven resource.

The latest version of the MITRE ATT&CK Framework, version 14, was released on Halloween, emphasizing new features such as the addition of new defensive information and techniques the team had previously said no to including. They discuss the decision-making process behind incorporating new techniques, such as Financial Theft, Impersonation, Phishing: Spearphishing Voice, and Phishing for Information: Spearphishing Voice.

The conversation continues on the following topics:

[5:00] MITRE ATT&CK Framework
[9:25] Improving cybersecurity detection
[13:00] New ATT&CK techniques
[16:00] Decisions about which techniques to add
[23:00] Mobile ATT&CK
[30:00] Decisions about which trends to include
[37:00] Feedback about the Framework

Resources mentioned:

What is the MITRE ATT&CK Framework?
https://attack.mitre.org/
https://medium.com/mitre-attack/attack-v14-fa473603f86b

For more information, check out our website.