Attack Frameworks
The MITRE ATT&CK framework, the Cyber Kill Chain, and the Diamond Model of Intrusion Analysis are all valuable tools and concepts used in cybersecurity to understand and defend against cyber threats. The following sections examine the benefit of each when dealing with incident response.
MITRE ATT&CK Framework
MITRE is a US government-sponsored company whose aim is to help prevent cyberattacks. They developed an online framework that can be used by the public, with many matrices that give information about adversaries and their attack methods.
On the MITRE website (https://attack.mitre.org), you will find a huge spreadsheet that you can use to find information on adversaries, their attack methods, and how to mitigate these attacks, which is invaluable information for everyone from cybersecurity teams to threat hunters. It comprises the following aspects:
- Adversarial: This looks at the behavior of potential attackers according...