A More Efficient Attack Path Effectiveness Assessment: The story behind our latest automated consulting tool
Since 2018, TrustedSec has used our Attack Path Effectiveness Assessment to understand the value of clients’ security tool stacks. These engagements combine the MITRE ATT&CK® framework’s detection data sources with honest conversations with tool owners to help clients reduce redundancies and save money.
Initially, the calculator TrustedSec created was a series of Excel spreadsheets, which worked well in the early days. But as the ATT&CK framework grew and more calculations were automated to illustrate efficacy from different angles, the calculator ran into performance limitations and reached the functional limit of what could be done.
In response, TrustedSec developed a web-based tool to streamline the assessment. That tool went live earlier this year and has been a major improvement in how we perform Attack Path Effectiveness Assessments.
Some key takeaways from this webinar:
- How to measure your tools’ and teams’ capabilities in detecting known attack techniques
- Some ways TrustedSec was able to make the capabilities measurements more intuitive
Join Director of Advisory Innovations Rockie Brockway as he discusses the history of this unique offering and learn about how the evolution of this tool has improved our assessment process as well as a number of unintended benefits we discovered when we started working with clients in the new platform.