MITRE ATT&CK: How BeyondTrust Security Solutions Align with the Framework

June 2, 2020

For those who might be new to the MITRE ATT&CK Framework, let’s briefly examine what MITRE ATT&CK and its framework are so you can better understand how you might leverage them.

“MITRE ATT&CK is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.” – MITRE ATT&CK: Design and Philosophy Abstract July 2018

So, what does this mean in layman’s terms? If you’re looking at MITRE ATT&CK and wondering why it might be important, it is essentially a knowledge base of the threats, tactics, and behaviors that cyber threat actors use to compromise, exploit, or expose the data of companies, organizations, and businesses. In addition to the threats, tactics, and behaviors, the Framework also provides mitigations for each of the attack methods, drawing on input from various sources, including the government and private sectors.

MITRE Corp, the non-profit that, among many roles, also maintains the Common Vulnerabilities and Exposures (CVE) system, developed the “ATT&CK Framework” in 2013. Since that time, the MITRE ATT&CK Framework has been a living, growing document. ATT&CK is an acronym derived from Adversarial Tactics, Techniques, and Common Knowledge.

The Framework has made it easier for cybersecurity professionals to understand and counteract adversaries by exposing the tactics, techniques, and methods used by the attacker. In addition, the Framework breaks down the ATT&CK Matrix in a visual format similar to that of a Periodic Table Chart used in chemistry. This makes it easy to see the relationships between the tactics, techniques, and sub-techniques. When you dive into the details of the framework, you can see affected operating systems, examples, detections, and mitigations.

Adapting to COVID-19 and the Shifting Landscape of Cyberthreats

As a result of COVID-19 and the recommended, or mandated, stay-at-home and social distancing policies implemented across the world, companies and their employees have been forced to work remotely, which usually means working from home. Some organizations were more prepared for this abrupt, mass shift to telecommuting than others, but few have had the time to perfect it. This new work environment has created several big opportunities for cybercriminals to leverage remote access threat vectors to exploit vulnerabilities and security gaps.

With this in mind, the BeyondTrust team refreshed our white paper on MITRE ATT&CK and how our Privileged Access Management (PAM) solutions fit into the framework. We took all three PAM pillars (Privileged Password Management, Endpoint Privilege Management, and Secure Remote Access) and applied them to the MITRE ATT&CK Tactics, Techniques, and Mitigations so customers and potential customers can better understand how our PAM platform aligns with the MITRE ATT&CK Framework. After all, the famous cliché of any cybersecurity organization is: it’s not a matter of “if” we get compromised, it’s “when!”

With this white paper, Mapping BeyondTrust Solutions into the MITRE ATT&CK Navigator, you can clearly see how our PAM platform aligns with the MITRE ATT&CK framework in terms of Detecting, Alerting, and Preventing for each of the techniques across the entire MITRE ATT&CK Matrix. As we all know, each organization is unique in its priorities for mitigating cybersecurity risks, so an organization that has placed a high priority on prevention rather than detection can easily see where the products and solutions align when it looks at a vendor.

The beauty of the MITRE ATT&CK Framework is that it is constantly evolving and growing; it’s not a static matrix. As new threat techniques and tactics are used and discovered, the framework will continue to develop, giving public and private organizations, solution providers, and the cyber community a relevant and resourceful point of reference for understanding attackers and their techniques.


Christopher Hills, Deputy Chief Technology Officer, BeyondTrust

Deputy CTO focused on Privileged Access Management (PAM) and Identity and Access Management (IAM). Architecture, Engineering, and Implementation of BeyondTrust's Privileged Access Management Solutions enforcing Privileged Password Management and Privileged Session Management, Privileged Endpoint Management, and Secure Remote Access which utilizes a single pane of glass for all management aspects including Audit, Reporting, and Vulnerability.