A 4-part video series where we teamed up with Adam Shostack, a leading expert in threat modeling and author of ‘Threat Modeling: Designing for Security’ to explore the 4 fundamental questions of threat modeling that every defender should ask. Episode 1: What Are We Working On? Episode 2: …
Practical threat modeling experience is often centered in a single organization, and the fish doesn’t see the ocean. Learn from experts serving hundreds of organizations how ATT&CK provides an empirically grounded model that’s been successfully applied across commercial and government customers.
Defending Operational Technology (OT) with ATT&CK provides a customized collection of MITRE ATT&CK® techniques tailored to the attack surface and threat model for OT environments. Historical attacks against OT and adversarial techniques contained in ATT&CK for Enterprise, ATT&CK for …
Critical infrastructure such as electrical generation facilities, water treatment plants, and transportation systems are a lifeline for our communities. Unfortunately, this dependence has made critical infrastructure a prime target for threat actors.
Threat Modeling with ATT&CK defines how to integrate MITRE ATT&CK® into your organization’s existing threat modeling methodology. This process is intended for universal application to any system or technology stack (large or small) using existing threat modeling methodologies like STRIDE, …
Cybersecurity teams use threat modeling as a critical component of defensive cyber operations to understand and reduce threats to their systems and environments. To stay up to date on various threats, teams rely on cyber threat intelligence (CTI) reporting.
Defending IaaS with ATT&CK developed an ATT&CK matrix that enables users to easily understand and work with the techniques applicable to Infrastructure-as-a-Service (IaaS) environments, regardless of whether the attacks target the cloud management layer, the container technology, or the …
