MITRE ATT&CK: Climb to the top
The MITRE ATT&CK framework was born in 2013 as a spin-off of MITRE’s Fort Meade eXperiment (FMX). FMX was a research environment used to emulate both adversarial and defender behaviours in an effort to use telemetry and behavioural analysis to improve post-compromise detection of threats. To do so, a scientifically-sound way to catalogue and document adversarial behaviour was deemed necessary. The MITRE ATT&CK framework was born to fulfil that duty.
A thorough understanding of the MITRE ATT&CK framework and of its uses can be beneficial to cyber security enthusiasts and professionals at all levels: technical, managerial and board.
The article is written with such a broad audience in mind and as such won’t linger on overly technical details.