Mitre – Page 18 – WindowsTechs.com

What does "Obtaining a CVE" mean

Posted on July 26, 2019 by Artog

I’ve have seen the term around and I mostly get that it is referred to when someone reports a vulnerability to Mitre.

But what does this mean practically? Are you listed somewhere as the reporter? Is this something people u… Continue reading What does "Obtaining a CVE" mean→

How long it takes to receive CVE-ID from cve.mitre.org?

Posted on July 17, 2019 by TEST tEsT

I had applied for CVE ID at https://cveform.mitre.org/.
I did followed their guidelines, and did exactly as their instructions said (didn’t add PGP key as it seems optional). It’s been 2 month since then and all I had receive… Continue reading How long it takes to receive CVE-ID from cve.mitre.org?→

ThreatConnect Platform now supports MITRE ATT&CK framework

Posted on July 15, 2019 by Industry News

ThreatConnect, provider of the industry’s only intelligence-driven security operations platform announces the support of the MITRE ATT&CK framework, a globally-accessible knowledge base of adversary tactics and techniques, within its own Platform…. Continue reading ThreatConnect Platform now supports MITRE ATT&CK framework→

ATT&CK Structure Part II: From Taxonomy to Ontology

Posted on July 9, 2019 by David Lu

In Part I, I described some structural problems in MITRE’s ATT&CK adversarial behavior framework. We looked at a couple of examples of techniques that vary greatly in terms of abstraction as well as techniques that ought to be classified as p… Continue reading ATT&CK Structure Part II: From Taxonomy to Ontology→

What’s the difference between OVAL definitions, objects, and tests?

Posted on July 1, 2019 by Mike B

I’m trying to become more familiar with OVAL tst def and obj references in joval xml definition files.

For example, I’ll see stuff like:

And then… Continue reading What’s the difference between OVAL definitions, objects, and tests?→

ATT&CK Structure Part I: A Taxonomy of Adversarial Behavior

Posted on June 27, 2019 by David Lu

Following last year’s exceedingly successful inaugural MITRE ATT&CK™ conference, this year’s highly anticipated ATT&CKcon 2.0 conference will be held from Oct 28-30 at MITRE’s McLean headquarters. MITRE’s always op… Continue reading ATT&CK Structure Part I: A Taxonomy of Adversarial Behavior→

ThreatQ adds support for mobile and PRE-ATT&CK in response to rapid customer adoption

Posted on May 21, 2019 by Industry News

ThreatQuotient, a leading security operations platform innovator, announced that the ThreatQ integration with MITRE ATT&CK now includes support for PRE-ATT&CK and Mobile. Together with Enterprise ATT&CK, the three-pronged framework creat… Continue reading ThreatQ adds support for mobile and PRE-ATT&CK in response to rapid customer adoption→

MITRE ATT&CK April 2019 Update

Posted on May 13, 2019 by David Lu

MITRE has released an April 2019 update to its ATT&CK framework. It’s been a year since the last major update featuring a new tactic. There are a number of changes for this year: the most major being the addition of a 12th Tactic, Impact, whi… Continue reading MITRE ATT&CK April 2019 Update→

MITRE’s ATT&CK to assess cybersecurity products based on APT29/Cozy Bear/The Dukes

Posted on May 3, 2019 by Industry News

MITRE’s ATT&CK Evaluations program will assess commercial cybersecurity products based on techniques used by APT29/Cozy Bear/The Dukes. Cybersecurity analysts believe the group operates on behalf of the Russian government, and that it compromised … Continue reading MITRE’s ATT&CK to assess cybersecurity products based on APT29/Cozy Bear/The Dukes→

Supply chain attacks: Mitigation and protection

Posted on May 2, 2019 by Help Net Security

In software development, a supply chain attack is typically performed by inserting malicious code into a code dependency or third-party service integration. Unlike typical cyber attacks, supply chain attacks provide two major advantages to attackers. F… Continue reading Supply chain attacks: Mitigation and protection→