MITRE ATT&CK

AttackIQ’s alignment to the MITRE ATT&CK® framework and our deep partnership with MITRE Engenuity’s Center for Threat-Informed Defense set us apart from the pack when it comes to adversary emulation. Through cutting-edge research informed by the best minds in cybersecurity, AttackIQ helps you achieve comprehensive cybersecurity readiness through realistic and specific adversary emulations. We bring the deepest library of MITRE ATT&CK adversary behaviors to life to validate your cybersecurity readiness through the Anatomic Engine, the Network Control Validation Module, AttackIQ Vanguard, and our bespoke assessments. MITRE ATT&CK underpins it all.


Platform Alignment to MITRE ATT&CK

Successful adversary emulation and assessments require a deep alignment with the ATT&CK framework of known threat behaviors. With the AttackIQ Security Optimization Platform and AttackIQ’s unique Anatomic Engine, your teams can move forward with confidence, knowing that they are exercising your security program against the latest adversary tactics, techniques, and sub-techniques to test your controls with realism and specificity at every step in an attack.


Zero Trust and ATT&CK

A zero trust architecture stops intruders in their tracks — but only if it works. An untested cybersecurity program presents a risk to your business. So how can you ensure that your zero trust investments perform as they should? We have aligned behaviors in the MITRE ATT&CK framework to elements of a zero trust architecture to achieve validated zero trust.

“Since its publication in 2015, the MITRE ATT&CK® framework has become the common language describing real-world adversary behaviors. With the advent of zero trust architectures, it is even more critical that everyone in an organization is working from the same playbook of actual threats. The shared understanding of how adversaries operate provided by ATT&CK is essential – from the design of secure systems through the continuous evaluation of the effectiveness of security controls and capabilities.”

Compliance Optimization and ATT&CK

Global risk and compliance analysis eats up resources each day, but the path can be made easier. By aligning adversary behaviors in the MITRE ATT&CK framework to key compliance frameworks like NIST 800-53, you can test, measure, and validate your compliance effectiveness, drive down the reporting burden, and use granular performance data to show auditors how well your security program performs against real-world threats. Compliance on its own doesn’t equal security, but with ATT&CK as a base, you can align threat and risk management and optimize your compliance process.

The CISO’s Guide to NIST Security Control Compliance

An historic evolution has occurred in cybersecurity planning and operations to improve security compliance effectiveness. In late 2020, MITRE Engenuity’s Center for Threat-Informed Defense mapped the security controls in the National Institute of Standards and Technology (NIST) 800-53 framework to the adversary behaviors described by the MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) framework.

MITRE ATT&CK and Cloud Security

Organizations have moved rapidly to adopt cloud infrastructures without a commensurate strategy for securing them. Today cyberdefenders lack visibility into how adversaries operate against cloud technologies, and that leaves organizations exposed to threats. On the basis of innovative research from MITRE Engenuity’s Center for Threat-Informed Defense, you are now able to leverage the ATT&CK framework against security controls within Amazon Web Services (AWS) and Microsoft Azure to optimize cloud security effectiveness. AttackIQ contributed directly to the new cloud matrix, defining how it should be laid out as well as the separation between infrastructure as a service and software as a service. The project includes AWS, Azure, GCP, Dropbox, Office 365, and other SaaS technologies.



Learn about AttackIQ’s Anatomic Engine and ATT&CK

In Cybersnacks Episode 5, Paula Pedret fuels up with some almonds and gets down to the nitty-gritty of AttackIQ’s Network Control Validation (NCV) Module. In less than 15 minutes, learn how this new capability supports end-to-end validation of network-deployed security controls and gives technology-specific remediation guidance, ensuring that customers get the most out of their cyberdefense investments.