In the News
- Adopt threat modeling, control validation, and ATT&CK. Technology providers should anticipate being targeted by threat actors—either for financial gain or as a stepping stone into customer environments—and apply and validate security controls based on anticipated adversary behavior. By understanding the anatomy of recent supply chain attacks and associated tactics, techniques, and procedures (TTPs), defenders can ensure risk-based countermeasures are in place and effective to safeguard software code and other crown jewels. The MITRE Corporation’s Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework can help through its library of mappings between TTPs and defensive countermeasure coverage.
Featured Publications
James Wallner
Jan 9, 2024
Jonathan Cannon
Jan 17, 2024
Philip Rossetti
Jan 17, 2024
Philip Rossetti
Jan 12, 2024
C. Jarrett Dieterle
Jan 11, 2024 Reason