With the volume of cyberattacks growing every day, organizations are increasingly relying on third-parties to help discover, prioritize, categorize, and provide guidance to remediate threats. Once such third party is MITRE and their ATT&CK™ knowledge base. MITRE started ATT&CK in 2013 to document common tactics, techniques, and procedures (TTPs) that advanced persistent threats use against Windows enterprise networks.

According to the MITRE website:

  • MITRE ATT&CK™ is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community.
  • Open and available to any person or organization for use at no charge, the goal of MITRE ATT&CK is to bring communities together to develop more effective cybersecurity.

BeyondTrust has mapped its PAM solutions for privileged password management, endpoint privilege management, and secure remote access into the ATT&CK framework by tactic and technique. With this mapping, organizations can better optimize the return on their security investments.