Most Recent

Integrations – Vectra

AttackIQ has released a new integration for use with network based scenarios. This blog describes use cases, scenarios one can utilize and what indicators we look for when determining a match.

5 Reasons You Don’t Want to Miss Purple Hats Conference 2022

The award-winning Purple Hats Conference is the industry destination for cybersecurity practitioners around the globe to collaborate, share ideas, and learn how to evolve cybersecurity strategies from a reactive to proactive threat-informed defense. We’re just days away from the best “cyberforum of the year” and you won’t want to miss it—and there’s still time to join. Here we’re breaking down for you five reasons you don’t want to miss Purple Hats.

Attack Graph Response to US-CERT AA22-083A: Historical Russia-based Actors Targeting the Energy Sector 

AttackIQ has released a new attack graph for organizations to test and validate their cyberdefense effectiveness against the HAVEX strain of malware. This attack graph follows a pair of Department of Justice indictments of Russia-based threat actors and a new joint FBI-CISA Cybersecurity Advisory about HAVEX released last week. An enduring and dangerous threat, HAVEX targeted the energy and power sectors in 135 countries from 2012-2018, and the tactics and techniques within it continue to threaten organizations today.

Testing Network Security Controls against Russian Malware 

Following an up-tick in the activity of Russia-based cyberthreat actors, this blog discusses the practical steps you can take to validate your network security controls against known Russian tactics, techniques, and procedures to improve your security readiness. It walks readers through Russia-specific emulations included in the AttackIQ Network Control Validation module.

Attack Graph Response to US CERT AA22-074A: Russia-based actors disabling multi-factor authentication (MFA)  

AttackIQ has released a new attack graph to emulate Russia-based threat actors as they exploit multi-factor authentication protocols to disable MFA. This blog describes the scenarios we have included in the new attack graph to emulate the adversary and then, to inform a purple team construct for cyberdefense operations, it provides detection and mitigation recommendations that you can use to improve your security program effectiveness. Read on for more.

Testing with Realism: Attack Flows and AttackIQ Attack Graphs  

AttackIQ and the Center for Threat-Informed Defense are furthering the art of adversary emulation with the Center's new Attack Flow project. Building on our deep research partnership with the Center, AttackIQ's Attack Graphs emulate the adversary with specificity and realism to test advanced cyberdefense technologies against multi-stage attacks. Read on for more.

Preparing for Known Russia-based Cyberthreats Using MITRE ATT&CK and AttackIQ

To prepare for a potential cyberattack from Russia-based actors, you can begin by testing your security controls against known adversary tactics. The vast majority of cyberattacks use tactics and techniques that have been employed in the past. This blog walks you through key known tactics and techniques, and highlights scenarios in the AttackIQ Security Optimization Platform that you can use today to test your defenses and improve your cybersecurity readiness.

The Center for Threat-Informed Defense: Impacting the Public Good

The Center for Threat-Informed Defense is transforming the practice of cybersecurity and elevating security teams' performance all over the world. This blog post looks at research highlights from Center's retrospective 2021 Impact Report, explains why the Center is so important to us at AttackIQ, and shows security teams how to elevate their program performance using a range of free educational resources derived from the Center's research.

The trick to handling ransomware: prepare  

Ransomware is a vexing challenge and attacks have doubled since 2020, but there is a path out of the problem. In this new guide, Countering Ransomware with MITRE ATT&CK, AttackIQ outlines clear, practical steps to test and validate that your security program performs against ransomware. The trick is to prepare, and the path to follow is a threat-informed defense. Check it out and come join us for a technical demonstration of our ransomware capabilities on January 27.