Tweeted from @MITREattack 30 October 2019
With over 1,200 cybersecurity vendors in the market today, only twenty-one of those selected were confident enough to participate in round two of the MITRE ATT&CK evaluations. We at CyCraft are excited to join the MITRE ATT&CK evaluations against the simulation of APT29/Cozy Bear.
For the majority of cybersecurity’s short history, security vendors have been hunting and labeling malware, which now numbers over 10 billion. As we venture further into the 21st century, modern adversaries’ TTPs (tactics, techniques, and procedures) leverage not just malware but also a diverse array of precise and adept techniques. In only seven years, MITRE ATT&CK has become THE codex for cybersecurity vendors and security analysts from finance, healthcare, energy, manufacturing, retail, and government to better understand modern adversarial behavior, especially as adversaries’ tradecraft expands from information theft and fraud to espionage, disinformation, and even sabotage.
The most valuable thing MITRE ATT&CK has given the cybersecurity industry is a common language and framework to discuss and analyze the capabilities of an attacker’s TTPs. Having the ATT&CK framework allows clients to better understand the behaviors of an adversary instead of analyzing endless malware (the adversary’s tools). Due to the level of sophistication in modern-day cyber attacks, the Cyber Kill Chain model alone is incapable of fully capturing and narrating an attack. The MITRE ATT&CK framework documents and catalogs adversarial behavior across over 330 attack techniques broken down into 12 different categories. In joining the latest round of MITRE ATT&CK evaluations, we at CyCraft seek to tell the world that we are ready to defend against modern-day threats and attacks, even APT29.
CyCraft AIR Security Platform: Xensor, CyCarrier and CyberTotal
CyCraft offers a full MDR solution through endpoint protection, AI-driven investigation, and accumulated global threat intelligence. Delivered by our CyCarrier AIR platform, which includes Xensor, CyCarrier, and CyberTotal, our MDR can go from detection through validation all the way to remediation in under 60 minutes.
The modern cyber security war room powered by CyCraft
We are thankful that a trusted organization like MITRE exists to emulate very true-to-life sophisticated APT attacks to test products and services. We are confident that the MITRE ATT&CK Round Two evaluations will reveal positive results. CyCraft won’t let Cozy Bear maul you — not even a scratch.