February 18, 2020
Netsurion, a leading managed security service provider, today announced the integration of the MITRE ATT&CK® framework with the upcoming 9.3 release of its co-managed SIEM, EventTracker, which delivers SOC-as-a-Service (SOCaaS) by including the company’s 24/7 security operations center (SOC).
Developed by MITRE, the ATT&CK framework is a public knowledge base of adversary tactics and techniques based on real-world observations, providing a foundation for developing specific threat models and methodologies. The framework’s descriptions of tactics and techniques allow defenders to identify relationships between individual observations and known campaigns or threat actors, making it possible to block those tactics and enable more effective defense, detection, and remediation.
“We’re especially excited to provide our co-managed SIEM users with better insights into the nature of today’s cyberattacks,” said A.N. Ananth, Netsurion’s chief strategy officer. “By adopting the ATT&CK framework within our EventTracker product and services, we’re improving threat hunting and using standard vocabulary. The result is better and more comprehensive discovery of attacks that are ongoing. What’s more, we’re giving these users a big detection and investigation advantage during those first critical moments, when a problem has been discovered. And because it creates a common taxonomy for describing those attack patterns, ATT&CK makes it easier to share threat intelligence with consistency, accuracy, and increased effectiveness".
“The MITRE ATT&CK knowledge base provides a common language for the cybersecurity community to use when describing adversary behaviors,” said Jon Baker, MITRE department head for adversary emulation and orchestration. “We continue to be inspired by the ways the entire community is using ATT&CK to improve their defenses.”
“With the integration of ATT&CK into its co-managed SIEM, Netsurion is giving companies like ours a huge advantage when it comes to identifying and understanding sophisticated threats sooner and with greater accuracy than we might otherwise,” said Brad Alexander, Vice President and Chief Technology Officer at Immedion.
About EventTracker by Netsurion Netsurion’s co-managed SIEM, EventTracker, includes key capabilities for:
Learn more at MITRE ATT&CK Resources EventTracker 9.x Updates MITRE ATT&CK in action