Integrate MITRE ATT&CK into investigation flows
Are you looking for more structured and proactive approaches to improve threat detection for your clients?
The shopping aisles are full of threat detection tools. Which of them use frameworks like MITRE ATT&CK* to evaluate possible solutions against a real-world array of adversary tactics, techniques, and procedures (TTPs)?
ExtraHop offers easy ways to integrate ATT&CK into investigation flows. Its existing detection cards automatically provide background information about attack behaviours, as well as links to MITRE ATT&CK TTPs. Customers can view detections on a visual matrix, mapped to the MITRE ATT&CK Framework, as well as search the environment for detections by MITRE ATT&CK code.
Watch this three-minute video to see how the new feature works, then dive into the free online demo to show your customers how you can accelerate threat detection!
*The MITRE ATT&CK Framework is a valuable threat detection guide, but on its own that is where it ends. Analysts still have to search separate locations, or resort to Google, to understand the implications of a given detection or to find where on the Framework a particular detection might be relevant.
If you’d like to explore our security solutions, contact us at sales@bluelabeldist.com