Various companies, who work on and provide Cybersecurity solutions, have their own unique ways to tackle Cyber threats they track. While experts said that ATT&CK framework (Adversarial Tactics, Techniques, and Common Knowledge), a model for organizing detailed information about how a hacking group behaves, has been gaining popularity and helping organizations share threat intelligence.
MITRE Corp., a federally sponsored nonprofit organization that manages public-private technology partnerships, has begun developing ATT&CK In 2013. The model has overfed into a popular way for those people who performing different roles in Cybersecurity to speak the same language. The group has held its first ATT&CK meeting on Tuesday in McLean, Virginia, where various vendors or suppliers convened to discuss how the framework has streamlined their practice of threat intelligence sharing.
The framework offers Cybersecurity agencies with spreadsheet-style matrices that structure the way about an attacker’s TTP (Tactics, Techniques, and Procedures). The matrices include different noticeable methods of persistence, lateral movement and other granular pieces of information. This provides researchers a general way to talk on how to defend against threats. ATT&CK believer said earlier to the development of the framework that the process of sharing information about threats actors was muddled and inefficient.
A principal at Level Nine Group, Jason Sinchak commented at the meeting that ATT&CK has offered a way to standardize the threat intelligence sharing process that wasn’t there before. Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) is currently enterprise-focused while MITRE Corp. is seeking to increase into other technology domains in the upcoming days.