Getting Started with MITRE ATT&CKTM Framework

Problem

Focusing your security team to test attack methods based on MITRE ATT&CK framework sets the direction on threat data to pinpoint your enterprise security posture. As with any new process, there are challenges in getting started, for example:

  • Should you test all techniques across the ATT&CK framework?
  • Should you focus the team on TTPs for threat groups that are most impactful to your organization?
  • Should you chase the latest threats?
  • For how long should testing be performed to collect the data needed for reporting?

Download White Paper