MITRE ATT&CK for the Global Security Operations Center (GSOC) CyberSec

The ATT&CK framework from MITRE is focused on the techniques adversaries use to compromise client operating systems such as Microsoft Windows, Linux, and Apple's macOS, and mobile operating systems such as Apple iOS and Google Android.

ATT&CK stands for Adversarial Tactics, Techniques, & Common Knowledge.

But as we have seen recently, lateral movement from one of these client OS devices can be turned against servers and cloud resources too. One example is stealing an OAuth token that grants administrative access to the SAML SSO solution, which in turn gives the attacker access to nearly every SaaS tool used at the organization.

MITRE accepts external contributions, but the process needs to be improved so that vendors and subject matter experts can more easily update content and provide feedback.

If you work in or are building a SOC, then this is for you. MITRE published a book in 2014 by Carson Zimmerman. Download the PDF file here: Ten Strategies of a World-Class Cybersecurity Operations Center
