Prioritize Known Exploited Vulnerabilities
Prioritize Known Exploited Vulnerabilities shows defenders how to take a threat informed approach to vulnerability management.
December 10, 2020
This project refined and expanded MITRE ATT&CK’s coverage of adversary behaviors in cloud environments. Through our research, we refactored and consolidated the cloud platforms into IaaS, SaaS, Office365, and Azure AD. Next, we overhauled cloud data sources to better align with enterprise ATT&CK. Finally, we expanded cloud technique coverage adding and updating existing techniques.
Defenders lack visibility into adversary behaviors in cloud technologies, leaving their organizations exposed to emerging threats.
Expand MITRE ATT&CK to describe adversary behaviors in and against Cloud technologies.
Simplified defenders use of ATT&CK by aligning ATT&CK’s coverage for Cloud TTPs with how organizations are using Cloud in their operations.
Prioritize Known Exploited Vulnerabilities shows defenders how to take a threat informed approach to vulnerability management.
The Security Stack Mappings – Hardware-Enabled Defense project demonstrates full stack threat-informed defense, from the hardware board to the …
Summiting the Pyramid (STP) creates a methodology to score analytics against the pyramid of pain, helping defenders create more robust detections …
Sign up for our "Stay Informed" mailing list to receive announcements for project publications, upcoming events, and other news about the Center.