Measuring Effectiveness With MITRE ATT&CK

Date: November 16, 2022

The MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CKTM) Framework continues to mature as the go-to model for known cyber adversary behavior, but how much is it improving your security program?

Navigating ATT&CK’s complexity is a challenge.

MITRE has added tremendous value and information to the framework, which has also contributed to the knowledge base’s complexity. Because many organizations are likely already using frameworks such as the NIST Cybersecurity Framework or ISO 27001 for program maturity and incorporating Purple Teams to improve the ability to detect, deflect, or deter an attacker, it’s challenging to know where ATT&CK can fit in.

Efficiently focus your tools on the right adversary behavior.

ATT&CK can be used to gauge organizational effectiveness against known attack techniques and illustrate how valuable each tool is to the security team’s detection and mitigation capabilities. To help your organization, this webinar will address the following:

  • Understanding recent changes in MITRE ATT&CK
  • Increasing the effectiveness of detections in your program
  • Aligning threat modeling and control maturity frameworks
  • Determining where and when to include ATT&CK in your organizational effectiveness assessments

Discover insights to increase program effectiveness.  

Tune in to hear TrustedSec discuss how your organization can better use the MITRE ATT&CK Framework and map it to current frameworks to increase effectiveness!