Measuring and Improving Cyber Defense Using the MITRE ATT&CK Framework

Strengthen Your Defenses with a Threat-Informed Strategy

A solid foundation of up-to-date, real-world knowledge is key to a successful threat response strategy. The Adversarial Tactics, Techniques & Common Knowledge (ATT&CK) project by MITRE is just that: a globally accessible knowledge base of adversary tactics and techniques that has been widely adopted across the security industry. Its goal is to function as a living dataset, continuously updated with new information, that can be leveraged for key threat insights and practical guidance on effective response strategies.

This report from SANS Institute, Measuring and Improving Cyber Defense Using the MITRE ATT&CK Framework, guides you through how to best use ATT&CK to improve your organization’s security posture. You’ll learn:

  • What ATT&CK is and why it is important
  • Key strategies for using ATT&CK to inform your security defenses
  • Ways to improve your cyber defense strategy
  • Tips on how to quantify the improvement of your security posture

Download the paper for expert guidance from the SANS Institute on how to best use ATT&CK to improve your organization’s cyber defense posture and get started today.

One primary use of the ATT&CK knowledge base is a way to know your enemy—a way to organize and display threat intelligence related to attack group tactics, techniques and procedures (TTPs). Assuming we can predict future attackers’ actions based on observations of previous TTPs, having these TTPs listed in a structured and usable way with supporting details becomes an especially useful tool for cyber defenders and threat intel teams alike.

SANS Institute