The MITRE ATT&CK Framework

The MITRE ATT&CK framework has become the new standard for how the security world communicates about adversaries and techniques.

Get a Demo
Asimily Supports the MITRE ATT&CK Framework

Not All Vulnerabilities Are Created Equal

What are the MITRE ATT&CK Framework Components?

This framework provides a knowledge base of adversarial techniques, classified by tactics (short term tactical attack goals) and techniques (how cybercriminals achieved specific tactics). Rather than focusing on abstract kill chains and tools, the MITRE framework focuses on how cybercriminals interact with systems during a security event. MITRE ATT&CK is structured this way for a few reasons:

Insight into Adversary Behavior

Standard indicators of compromise (domains, IP addresses, file hashes, registry keys, etc.) provided point-in-time detection, but do not map how cybercriminals interact with systems over time. MITRE ATT&CK changed this by looking at system interaction.

Mapping of Lifecycle Models

Many existing lifecycle and cyber kill chain concepts relied on abstraction, rather than concrete tactics, techniques, and procedures (TTPs). This was insufficient to address current and emerging security needs.

Common Taxonomy

There was not a common terminology to describe TTPs across adversary groups. The MITRE ATT&CK framework provides one.

IoT Device Security in 2024:
The High Cost of Doing Nothing

Protecting the growing IoT architecture
in a complicated security environment

Safe, Comprehensive, Categorized

How Asimily Supports the MITRE ATT&CK Framework

Asimily analyzes every vulnerability and determines how it can be exploited using public research and its own capabilities. Starting with passively gathered network data, Asimily uses the MITRE ATT&CK framework to detect different attack techniques. Asimily also maps out the attack journey in order to understand how it could detect a given exploit attempt based on the ATT&CK techniques it detects.

Automated Analysis Backed by Humans

Asimily analyzes each vulnerability in a customer’s IoT fleet for how the vulnerability can be exploited. That includes the dependencies, pre-conditions, and other requirements for success. This base information – derived from Asimily’s patented techniques for automated analysis of diverse, unstructured information about devices and vulnerabilities is the start. It is then verified by Asimily security experts to get an accurate view of how the vulnerability can be mitigated.

Prioritize Vulnerabilities

Asimily identifies where exploitable vulnerabilities are in their environment. For each specific device, data is enriched with MDS2s and SBOMs information. Then, you can prioritize your efforts to address the real risks to your network and not just the published list of potential threats.

Breaking the Attack Chain

With this detailed and contextual information about vulnerabilities, the attack process, and the customer’s IoT deployment, a recommendation can be given. Asimily selects the simplest, least time-consuming method for breaking attack via one of the ATT&CK Framework’s codified steps. This respects security teams’ chronic shortage of time and resources, which forces them to reduce risk fast and efficiently.

What is the MITRE ATT&CK Framework

MITRE, the nonprofit responsible for the Framework, defines tactics as the underlying reason that attackers perform actions. The Framework starts by identifying critical tactics for enterprise systems and also drills down into Mobile and Industrial Control Systems (ICS). While some primary tactics follow across all three environments, some are unique to Mobile or ICS.

Dive Deeper
Asimily Supports MITRE AT&CK Framework

Asimily Enables Cybersecurity Compliance

Cybersecurity compliance and security are iterative processes. With Asimily, organizations can identify KPIs and then track trends over time for visibility into their security posture. Further, senior leadership and the board of directors need visibility into risk to fulfill their governance duties.

Discover How
Asimily Cybersecurity Compliance Frameworks

Our Gartner Peer Insights Reviews