Using MITRE ATT&CK™ in Threat Hunting and Detection

LogRhythm

MITRE ATT&CK1 is an open framework and knowledge base of adversary tactics and techniques based on real-world observations. ATT&CK provides a common taxonomy of the tactical objectives of adversaries and their methods. Having a taxonomy by itself has many valuable uses, such as providing a common vocabulary for exchanging information with others in the security community. But it also serves as a real technical framework for classifying your current detection efforts and identifying gaps where you are blind to certain types of attack behaviours. This paper will introduce you to ATT&CK and related tools and resources based on ATT&CK. Then it will discuss how to make practical use of ATT&CK with a focus on threat hunting and detection.

Published:
Lang: EN
Type: White Paper
Length:

Favourites

  • Favorite list is empty.
FavoriteLoadingClear favorites

Your favorite posts saved to your browsers cookies. If you clear cookies also favorite posts will be deleted.