Threat-Informed Defense for the Financial Sector
Connect adversarial threat mitigations to cybersecurity program resources tailored to the financial sector, namely the Cyber Risk Institute …
May 25, 2023
Project Summary
The ATT&CK Sync project streamlines upgrades to new versions of MITRE ATT&CK® by providing tools and resources to migrate existing projects to current ATT&CK versions in a timely and efficient manner. The ATT&CK knowledge base is updated twice per year and with each new ATT&CK release, these projects fall behind and become outdated. ATT&CK Sync provides tools and a methodology that organizations can use to implement their own solutions for keeping up with latest version of ATT&CK, saving time and effort for all.
Problem
Most projects that depend in some way on MITRE ATT&CK are dependent on a specific release of ATT&CK – generally whatever version of ATT&CK was current at the time that the project was being developed. Due to the semiannual ATT&CK release cadence, these projects quickly fall behind and become out-of-date.
Solution
The ATT&CK Sync project provides tools and a methodology that organizations can use to maintain currency with the latest version of ATT&CK, saving time and effort.
Impact
By staying up to date on ATT&CK releases, organizations around the world can keep their threat-informed defense timely and relevant to emerging threats.
Enabling the ATT&CK community to keep up to date
We created ATT&CK Sync to improve our own team’s ability to keep projects fresh and relevant, and quickly recognized there was a need across the ATT&CK community to keep up to date. As with all our resources, those that make up ATT&CK Sync are open-sourced, freely available, and applicable to any project or organization that relies on ATT&CK.
Explore More of Our Work:
Ambiguous Techniques
Building upon the research of Summiting the Pyramid, Ambiguous Techniques is a methodology to determine malicious intent behind seemingly benign …
Prioritize Known Exploited Vulnerabilities
Prioritize Known Exploited Vulnerabilities shows defenders how to take a threat informed approach to vulnerability management.
Stay Informed
Sign up for our "Stay Informed" mailing list to receive announcements for project publications, upcoming events, and other news about the Center.