Using MITRE ATTandCK™ in Threat Hunting and Detection
MITRE ATTandCK ™ is an open framework and knowledge base of adversary tactics and techniques based on real-world observations. ATTandCK provides a common taxonomy of the tactical objectives of adversaries and their methods. Having a taxonomy by itself has many valuable uses, such as providing a common vocabulary for exchanging information with others in the security community. But it also serves as a real technical framework for classifying your current detection efforts and identifying gaps where you are blind to certain types of attack behaviors.
This paper will introduce you to ATTandCK and related tools and resources based on ATTandCK. Then it will discuss how to make practical use of ATTandCK with a focus on threat hunting and detection.
Read More
By submitting this form you agree to LogRhythm contacting you with marketing-related emails or by telephone. You may unsubscribe at any time. LogRhythm web sites and communications are subject to their Privacy Notice.
By requesting this resource you agree to our terms of use. All data is protected by our Privacy Notice. If you have any further questions please email dataprotection@techpublishhub.com
Related Categories: Analytics, Applications, Cloud, Cloud Storage, ERP, Linux, Log Management, Malware, Network, Operating System, Server, Software, Storage, Windows Server
More resources from LogRhythm
Definitive Guide to SOAR
How to stop threats faster with security orchestration, automation, and response.
Cybersecurity organizations have their work cut out for the...
Using MITRE ATT&CK™ in Threat Hunting and D...
MITRE ATT&CK ™ is an open framework and knowledge base of adversary tactics and techniques based on real-world observations. ATT&CK provides a co...
Alphabet Soup: Making Sense of XDR, EDR, NDR,...
XDR, EDR, NDR, and SIEM. They are among the most prominent acronyms in cybersecurity. But what do they all mean, how do they work, and how do the t...
