All news with #mitre att&ck tag

Vulnerability-Informed Hunting: Nexus of Risk and Intel

🔎 Vulnerability-informed hunting transforms static vulnerability scans into dynamic intelligence by enriching CVE data with asset context, exploit activity and threat feeds. The article shows how mapping vulnerabilities to adversary behaviors (for example, Log4Shell, ProxyShell and Zerologon) lets teams run focused hunts that detect exploitation or reveal telemetry gaps. It advocates a continuous loop where hunts inform detection engineering, improving logging, SIEM content and overall resilience.

Aligning Security Architecture with Cyber Risk Governance

🔐 The author contends that cyber risk failures are often architectural and cultural, not purely technological, and argues for an ongoing cyber risk management process integrated with information security governance. He outlines a practical, strategic recipe—stakeholder mapping, framework selection (e.g., NIST CSF, ISO 27001), KPIs/KRIs, asset and threat assessments, and guardrails for cloud and generative AI workloads. The piece stresses building a mature risk culture, aligning GRC with the CISO role, enforcing technical controls and secure development practices (SAST/DAST/SCA), and running tabletop exercises to improve resilience and compliance with laws such as GDPR, CCPA and LGPD.

CISA Releases Open-Source Eviction Strategies Tool

🛡️CISA published a no-cost Eviction Strategies Tool, developed with MITRE, to help cyber defenders build tailored incident response plans and adversary eviction strategies within minutes. The package includes COUN7ER, a database of atomic post-compromise countermeasures, and the Cyber Eviction Strategies Playbook NextGen web app to match findings to countermeasures. It exports results in JSON, Word, Excel and markdown and is available under the MIT Open Source License.