Industry-wide partnership on threat-informed defense improves security for all

Credit to Author: Eric Avena| Date: Wed, 16 Sep 2020 16:00:39 +0000

MITRE Engenuity’s Center for Threat-Informed Defense has published a library of detailed plans for emulating the threat actor FIN6 (which Microsoft tracks as TAAL). Microsoft is proud to be part of this industry-wide collaborative project.

The post Industry-wide partnership on threat-informed defense improves security for all appeared first on Microsoft Security.

Blue teams helping red teams: A tale of a process crash, PowerShell, and the MITRE ATT&CK evaluation

Credit to Author: Eric Avena| Date: Thu, 11 Jun 2020 17:00:05 +0000

Inspired by MITRE’s transparency in publishing the payloads and tools used in the attack simulation, we’ll describe the mystery that is Step 19 and tell a story about how blue teams, once in a while, can share important learnings for red teams.

The post Blue teams helping red teams: A tale of a process crash, PowerShell, and the MITRE ATT&CK evaluation appeared first on Microsoft Security.

Trend Micro’s Top Ten MITRE Evaluation Considerations

Credit to Author: Trend Micro| Date: Tue, 28 Apr 2020 22:32:19 +0000

The introduction of the MITRE ATT&CK evaluations is a welcome addition to the third-party testing arena. The ATT&CK framework, and the evaluations in particular, have gone a long way in helping advance the security industry as a whole, and the individual security products serving the market. The insight garnered from these evaluations is incredibly…

The post Trend Micro’s Top Ten MITRE Evaluation Considerations appeared first on .

Getting ATT&CKed By A Cozy Bear And Being Really Happy About It: What MITRE Evaluations Are, and How To Read Them

Credit to Author: Greg Young (Vice President for Cybersecurity)| Date: Thu, 23 Apr 2020 18:37:23 +0000

Full disclosure: I am a security product testing nerd*. I’ve been following the MITRE ATT&CK Framework for a while, and this week the results were released of the most recent evaluation using APT29, otherwise known as COZY BEAR. First, here’s a snapshot of the Trend eval results as I understand them (rounded down): 91.79%…

The post Getting ATT&CKed By A Cozy Bear And Being Really Happy About It: What MITRE Evaluations Are, and How To Read Them appeared first on .

Insights from the MITRE ATT&CK-based evaluation of Windows Defender ATP

Credit to Author: Windows Defender ATP team| Date: Tue, 04 Dec 2018 02:15:27 +0000

In MITRE’s evaluation of endpoint detection and response solutions, Windows Defender Advanced Threat Protection demonstrated industry-leading optics and detection capabilities. The breadth of telemetry, the strength of threat intelligence, and the advanced, automatic detection through machine learning, heuristics, and behavior monitoring delivered comprehensive coverage of attacker techniques across the entire attack chain. MITRE tested the

The post Insights from the MITRE ATT&CK-based evaluation of Windows Defender ATP appeared first on Microsoft Secure.
