ThreatConnect Platform now supports MITRE ATT&CK framework
ThreatConnect, provider of the industry’s only intelligence-driven security operations platform announces the support of the MITRE ATT&CK framework, a globally-accessible knowledge base of adversary tactics and techniques, within its own Platform.
Users of the ThreatConnect Platform will now be able to classify their intelligence and derive meaningful conclusions to help prioritize responses.
The ATT&CK Framework was developed by The MITRE Corporation, and the ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community.
The ThreatConnect Platform provides users with the ability to create meaningful custom queries to examine their intelligence using ATT&CK data, create custom dashboards to look for patterns, and create a course of action and escalation with Playbooks that tie back to intelligence.
Andy Pendergast, ThreatConnect’s VP of Product said, “We’re really excited about what the MITRE ATT&CK framework enables and the depths of our support for it. It is a powerful tool for understanding adversary behavior and potential gaps in defense.”
Leveraging ATT&CK within ThreatConnect will help Platform users classify indicators, prioritize threats, and automate processes. Directly from the ThreatConnect Platform, users are able to view all Techniques related to the MITRE Pre-ATT&CK and Enterprise ATT&CK Datasets.
The Platform enables users to drill down into each Technique to get details mapped directly back to the information provided in the MITRE Framework. And, paired with the flexibility of the ThreatConnect data model and ATT&CK implementation, users can now employ Dashboards to better understand the specific adversary tactics and techniques that a security team may encounter.
Added Pendergast, “As we see more and more customers adopting the ATT&CK framework, ThreatConnect wants to ensure they have the solution they need to classify activity, leverage knowledge of adversary techniques to aid investigations, make better informed and faster response actions, and automate defensive actions with intelligence beyond just using indicators of compromise.
“This is just the first set of capabilities we are offering leveraging ATT&CK, we have several more powerful analytic use cases we will be implementing in upcoming releases, so stay tuned.”