MITRE ATT&CK v11 – a small update that can help (not just) with detection engineering, (Wed, Apr 27th)

MITRE ATT&CK has long been the de facto standard for sharing TTPs of different threat actors and for planning and executing various threat emulation exercises. However, especially in the last few years, I’ve seen more and more Security Operations Centers start using it as well, for mapping of their defensive capabilities, detection use cases and SIEM correlation rules.
