CyberSecurityClubMoscow / meetups


[MEETUP] MITRE ATT&CK #16

Closed mitilan closed 2 years ago

mitilan commented 3 years ago

Getting to grips with the MITRE ATT&CK matrices (https://attack.mitre.org/). Using them in day-to-day work.

MITRE ATT&CK® is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community.

RoxyBroge commented 3 years ago

Studying Adversarial Tactics, Techniques & Common Knowledge (ATT&CK). Enterprise Tactics: using these recommendations, you can improve your defenses and put things in order.

Top 10 most used MITRE ATT&CK tactics and techniques: it is useful to keep an eye on the top list in order to be ready for trending attacks.

mitilan commented 3 years ago

Training: https://attack.mitre.org/resources/training/cti/

mitilan commented 3 years ago

Tools for working with ATT&CK: https://attack.mitre.org/resources/working-with-attack/ (STIX / Excel / Navigator / Python module)

mitilan commented 3 years ago

Pyramid of pain, the source http://detect-respond.blogspot.com/2013/03/the-pyramid-of-pain.html

Plus some clarification: https://www.threathunting.net/files/A%20Framework%20for%20Cyber%20Threat%20Hunting%20Part%201_%20The%20Pyramid%20of%20Pain%20_%20Sqrrl.pdf

mitilan commented 3 years ago

A series of articles on Habr by bassmack: https://m.habr.com/ru/users/bassmack/posts/

mitilan commented 3 years ago

For those who like roadmaps: https://medium.com/mitre-attack/att-ck-2021-roadmap-68bab3886fa2

mitilan commented 3 years ago

https://www.mitre.org/attackcon

mitilan commented 3 years ago

Getting started ebook https://www.mitre.org/sites/default/files/publications/mitre-getting-started-with-attack-october-2019.pdf

mitilan commented 3 years ago

Someone's thoughts on MITRE and cyber kill chain https://blueteamblog.com/my-thoughts-on-using-the-mitre-attck-framework-for-siem-detections

mitilan commented 3 years ago

STIX - A structured language for cyber threat intelligence https://oasis-open.github.io/cti-documentation/

mitilan commented 3 years ago

TAXII - Trusted Automated Exchange of Intelligence Information (TAXII™) https://oasis-open.github.io/cti-documentation/taxii/intro