The use of MITRE Att@ck
Dec 22nd, 2018 by Jesper Kråkhede
One of my core mantras when I discuss security is to do the right things first. So how do you know that you are doing the right thing, isn´t that what the risk analysis is for? Correct! Five points to Gryffindor! There is however a better way to move forward. Imagine that someone has already done a very thorough risk analysis on a technical level that you could reuse. Say hi to MITRE Att@ck .
This framework points to a very important part in my campaign for better security globally: Do the right things first! This means that you should make sure that you block all known attacks using the tools available to you so that you then can spend time on the more challenging attacks. Not a hacker in the world will bother about using Spectre-attacks if your admins will click on a link on a workstation the use for both mail and domain admin tasks. MITRE Att@ck lists a number of attacks, attack play books, that you need to protect against. This framework is also used to evaluate the effectiveness of different security tools.
So take a good look at MITRE Att@ck and start using it today.