One thing I noticed missing from the road map. Do you plan on adding ATT&CK Navigator output to this?
The present everyone has been asking for is here! We are excited to announce the beta release of TRAM, a tool to aid in mapping reports to ATT&CK. You can find our latest blog with all the details at https://medium.com/mitre-attack/automating-mapping-to-attack-tram-1bb1b44bda76 … and the source code at https://github.com/mitre-attack/tram ….pic.twitter.com/8XwpgV2eCx
-
-
-
It's not on the roadmap yet, but that's an interesting idea. We suggest submitting a feature request on GitHub: https://github.com/mitre-attack/tram/issues/new?template=feature-request.md ….
Kraj razgovora
Novi razgovor -
-
-
Nice stuff
@sarah__yoder. I'm looking forward to testing this out. Also, curious if we think a lexicon should be considered and campaigned for adoption across CTI? Or was this the acceptance that such effort takes more effort than this tool? Love it either way. -
That’s one of the main goals behind ATT&CK, providing a common languages. TRAM can hopefully be of use until everyone gets on the same page in terms of describing adversary behavior; plus offer a way to then feed that reporting into other outputs (is tooling) for analysis
- Još 1 odgovor
Novi razgovor -
-
-
Really happy to see this. I'm looking forward to updating my reporting material in http://soc-class.com to reflect it!
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
Useful tool for quickly identifying techniques and mapping it to ATT&CK
@MITREattack it would be nice if you guyz can map sector's/industries been targeted against specific groups that might help organizations to prioritize their implemention of detection use cases -
I like this idea...but rather than having MITRE do this, wouldn't it be more useful if the orgs conducting intrusion analyses were to do so? If you want to see what this looks like, check out the CrowdStrike report published in Oct.
- Još 1 odgovor
Novi razgovor -
-
-
TRAM for mapping reports to ATT&CK looks to be a fantastic enabler to get an organization productive with the capability!
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.