We recently shared the exciting news of our new partnership with Tidal Cyber, which enables users of the Tidal platform to quickly map the breadth and depth of coverage in SafeBreach’s breach and attack simulation (BAS) platform against the adversary tactics and techniques of MITRE’s ATT&CK knowledge base. SafeBreach’s coverage is quite extensive, with nearly 700 separate platform capabilities mapped to ATT&CK techniques.
SafeBreach has been a strong supporter of MITRE ATT&CK from the time it was introduced; however, the framework’s growth and expansion have created a bit of a double-edged sword. The breadth and depth of techniques and sub-techniques ATT&CK now contains make it one of the most comprehensive resources available for researching adversary behaviors, which has led to a much broader profile of users accessing it. But the ever-growing knowledge it contains has also made it somewhat more confusing and difficult for the average user to understand.
To combat this challenge and help enterprises better operationalize the knowledge ATT&CK contains, SafeBreach has undertaken a few key initiatives, including:
- Aligning the SafeBreach BAS platform to the ATT&CK matrix in several ways. If you are a user of the SafeBreach platform, you probably already know that the techniques and tactics of the ATT&CK matrix are deeply integrated into our Hacker’s Playbook and MITRE ATT&CK heatmap. If you need a refresher on these capabilities, be sure to check out our “Getting Started with MITRE ATT&CK™ Framework” whitepaper.
- Joining forces with companies like Tidal Cyber that are developing tools to make ATT&CK more accessible.
To access the mapping, users of Tidal’s free Community Edition can simply add SafeBreach to their matrix from the Product Registry and instantly see all of the ATT&CK techniques covered by SafeBreach.
Additional detail on each of these capabilities is available on SafeBreach’s profile page in the Product Registry.
SafeBreach’s CTO and Co-Founder Itzik Kotler recently sat down with Tidal Cyber’s Frank Duff for a “fireside chat.” Be sure to check it out for an insightful conversation about SafeBreach’s inclusion in the Tidal platform, the challenges of parsing complex attacks into individual components, and the benefits and challenges of the ATT&CK matrix.
Tidal was founded by a trio of senior leaders from MITRE, with the mission of helping enterprises implement a “threat-informed defense.” This cybersecurity strategy is based on understanding how adversaries are likely to attack your network and using that knowledge to ensure you have the optimal security controls in place.
SafeBreach was created on a very similar idea: to create a platform that enables enterprises to quickly and easily test their security controls based on the real-world attacks adversaries are most likely to launch against them. Only by understanding the attacker’s specific tactics and techniques can security teams validate that their controls have the necessary capabilities and proper configuration to block these attacks.