FireEye Stories

Intelligently Test Your Security Program Against MITRE ATT&CK Framework

For most organizations, implementing MITRE ATT&CK™ as part of a security program is a difficult task. Many lack the necessary resources and know-how to navigate a comprehensive validation against ATT&CK and understand which Techniques are most relevant to their organization. Mandiant Security Validation solves this problem with an easy-to-implement platform featuring timely threat intelligence to optimize the use of this industry-standard attack model.

As discussed in our recent blog post, Mandiant Security Validation Offers Automated Evaluation of Security Controls Against MITRE ATT&CK Framework, what makes the Mandiant Security Instrumentation Platform unique is the library of attacks powered by Mandiant Threat Intelligence. Mandiant Threat Intelligence is generated by over 180 security researchers and intelligence analysts in 23 countries, covering 30-plus different languages. Mandiant’s adversary visibility and intelligence are informed by front-line incident response data, machine intelligence from over 15,000 network sensors worldwide, and over 21 million alerts validated by intelligence through global managed services.

This knowledge base feeds into the Mandiant Security Instrumentation Platform, providing organizations with the threat intelligence they need to identify MITRE ATT&CK Techniques most relevant to the organization, and the ability to automate security testing against those Techniques. As a result, organizations can understand and proactively protect against the latest and most relevant threats, as well as prioritize their cyber security initiatives.

Recently, we worked with a global technology company that leveraged Mandiant Security Validation, formerly Verodin, to align their validation program to the MITRE ATT&CK framework. As a result, they were able to achieve their target effectiveness baseline and leverage the technology to create a custom scorecard dashboard for the efficacy of their defenses for each ATT&CK Tactic. The company was then able to focus on improving the key areas that had deviated from their optimized state, a drift that was ultimately weakening their security program over time.

As seen in the aforementioned use case, security validation aligned with MITRE ATT&CK and relevant intelligence drives focus and prioritization. Only then can organizations efficiently and strategically use their resources to know which attackers are targeting them and their peers, and what breaches are happening in their environment right now.

Want to learn how Mandiant Security Validation fits into your ATT&CK program? Download our whitepaper, Automate Testing Using MITRE ATT&CK with Verodin Security Validation (now Mandiant Security Validation).

Visit the Mandiant Security Validation page and check out our demo to learn how security teams can validate their controls against the latest and emerging attacks aligned with the MITRE ATT&CK Framework.