MITRE ATT&CK: How BeyondTrust Security Solutions Align with the Framework

June 2, 2020

For those who might be new to the MITRE ATT&CK Framework, let’s briefly examine what MITRE ATT&CK is so you can better understand how you might leverage it.

“MITRE ATT&CK is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.” – MITRE ATT&CK: Design and Philosophy Abstract July 2018

So, what does this mean in layman’s terms? If you’re looking at MITRE ATT&CK and wondering why it might be important, it is essentially a knowledge base of the threats, tactics, and behaviors that cyber threat actors use to compromise, exploit, or expose the data of companies, organizations, and businesses. In addition to the threats, tactics, and behaviors, the Framework also provides mitigations for each of the attack methods, drawing on input from various sources, including the government and private sectors.

MITRE Corp, the non-profit that, among its many roles, also maintains the Common Vulnerabilities and Exposures (CVE) system, developed the “ATT&CK Framework” in 2013. Since that time, the MITRE ATT&CK Framework has been a living, growing document. ATT&CK is an acronym derived from Adversarial Tactics, Techniques, and Common Knowledge.

The Framework has made it easier for cybersecurity professionals to understand and counteract adversaries by exposing the tactics, techniques, and methods used by the attacker. In addition, the Framework breaks down the ATT&CK Matrix in a visual format similar to that of a Periodic Table Chart used in chemistry. This makes it easy to see the relationships between the tactics, techniques, and sub-techniques. When you dive into the details of the framework, you can see affected operating systems, examples, detections, and mitigations.

Adapting to COVID-19 and the Shifting Landscape of Cyberthreats

As a result of COVID-19 and the recommended, or mandated, stay-at-home and social distancing policies implemented across the world, companies and their employees have been forced to work remotely, which usually means working from home. Some organizations were more prepared for this abrupt, mass shift to telecommuting than others, but few have had the time to perfect it. This new work environment has created several big opportunities for cybercriminals to leverage remote access threat vectors to exploit vulnerabilities and security gaps.

With this in mind, the BeyondTrust team refreshed our white paper on MITRE ATT&CK and how our Privileged Access Management (PAM) solutions fit into the framework. We took all three PAM pillars (Privileged Password Management, Endpoint Privilege Management, and Secure Remote Access) and applied them to the MITRE ATT&CK Tactics, Techniques, and Mitigations so customers and potential customers can better understand how our PAM platform aligns with the MITRE ATT&CK Framework. After all, the famous cliché of any cybersecurity organization is: it’s not a matter of “IF” we get compromised, it’s “When!”

With the white paper Mapping BeyondTrust Solutions into the MITRE ATT&CK Navigator, you can clearly see how our PAM platform aligns with the MITRE ATT&CK framework in Detecting, Alerting on, and Preventing each of the techniques across the entire MITRE ATT&CK Matrix. As we all know, each organization is unique in its priorities for mitigating cybersecurity risks, so an organization that places a higher priority on prevention than on detection can easily see where the products and solutions align when it evaluates a vendor.

The beauty of the MITRE ATT&CK Framework is that it is constantly evolving and growing; it’s not a static matrix. As new threat techniques and tactics are used and discovered, the framework will continue to develop, giving public and private organizations, solution providers, and the cyber community a relevant and resourceful point of reference for understanding attackers and their techniques.


Christopher Hills

Deputy Chief Technology Officer and Senior Solutions Architect

Christopher L Hills has more than 15 years’ experience as a Senior Security and Architecture Engineer operating in highly sensitive environments. Chris is a military veteran of the United States Navy, and started with BeyondTrust after his most recent role leading a Privileged Access Management (PAM) team as a Technical Director within a Fortune 500 organization. In his current position, he has assisted the Sales Engineering Organization consulting on PAM implementations and now reports to the Office of the CTO as Deputy CTO. In his free time, Chris enjoys spending time with his family on the water with their 32-foot speedboat in the summer and taking to the sand dunes and off-roading in the winter.
