The MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) framework was developed in 2013 to document the tactics and techniques used by adversaries in cyberattacks. Initially an internal tool for threat detection, it became publicly available in 2015 to support the cybersecurity community. Over time, it has evolved into a comprehensive resource that describes adversary behaviours during attacks.

A structured approach to incident response enables you to create consistently repeatable processes. Your incident response playbook defines responsibilities and guides your security team through a list of activities to reduce uncertainty if or when an incident occurs. MITRE ATT&CK Framework outlines the tactics and techniques that threat actors use during different stages of an attack.

MITRE’s Caldera is a cybersecurity platform developed to simulate adversarial tactics, techniques, and procedures (TTPs). Built upon the MITRE ATT&CK framework, Caldera is an open-source tool designed to help cybersecurity professionals and organizations assess their defenses, uncover vulnerabilities, and enhance their overall security posture. By emulating real-world cyber threats, Caldera enables blue teams to test detection and response mechanisms under realistic conditions.

Active Directory is a cornerstone of IT systems, handling user authentication, permissions, and access to resources. Its importance makes it a main target for attackers trying to get unauthorized access, escalate privileges, or cause disruptions. The MITRE ATT&CK framework, a comprehensive knowledge base of adversary tactics, techniques, and procedures (TTPs), serves as a valuable tool to identify, prevent, and respond to such threats in your AD environment.

Cybersecurity frameworks often feel as exciting as tax codes and instruction manuals, useful but not exactly captivating. Yet, the MITRE ATT&CK framework has managed to capture the attention of security professionals worldwide by mapping out adversary tactics, techniques, and procedures (TTPs). Many organizations don’t operationalize MITRE ATT&CK’s potential fully, using the framework in predictable ways. But it doesn’t have to be that way.

As organizations deploy more AI-enabled systems across their networks, adversaries are taking note and using sophisticated new tactics, techniques and procedures (TTPs) against them. The need for continued innovation to fight these threats is paramount.

The IT industry has seen an unshakable surge in malware attacks. According to SonicWall’s 2022 Cyber Threat Report, almost 2.8 billion malware attacks were detected in 2022. Approximately 30% of these malware attacks were carried out using emails containing malicious links and attachments. On June 10, 2022, one such malware, Dark Crystal, also known as DCRat, jolted Ukraine. It is a remote access Trojan (RAT) that has been receiving regular upgrades and new modules since 2018.

Being a security analyst today is hard. You’re constantly trying to protect your organization while feeling like attackers are always a step ahead of you. Every year, you seem to add more security technologies to your stack, yet you still find yourself facing tooling gaps. If only you had the ability to clearly compare different products and their capabilities, you think.

Cyber threats against AI systems are on the rise, and today’s AI developers need a robust approach to securing AI applications that address the unique vulnerabilities and attack patterns associated with AI systems and ML models deployed in production environments. In this blog, we’re taking a closer look at two specific tools that AI developers can use to help detect cyber threats against AI systems.

Recently, Sysdig published a blog post about the ways businesses can harden their LLM-based AI applications using the OWASP Top 10 for Large Language Models. So why are we writing about MITRE ATLAS, and how is this any different from the OWASP Top 10 for LLMs?