MITRE Corporation has released the tenth version of ATT&CK, its globally accessible knowledge base of cyber adversary tactics and techniques based on real-world observations.
“The data source object features the name of the data source as well as key details and metadata, including an ID, a definition, where it can be collected, what platform(s) it can be found on, and the data components highlighting relevant values/properties that comprise the data source,” MITRE ATT&CK Content Lead Amy L. Robertson and cybersecurity engineers Alexia Crumpton and Chris Ante explained.
The complete release notes for MITRE ATT&CK v10 can be found here.
About MITRE ATT&CK

MITRE ATT&CK is used by the Cybersecurity and Infrastructure Security Agency and the FBI, as well as by over 80 percent of enterprises for threat investigation.
There are several ways it can be used to improve organizational security, and MITRE has recently released an open source tool that allows organizations to customize their local instance of the MITRE ATT&CK database of cyber adversary behavior, as well as share their particular insights with other organizations.
CISA, the Homeland Security Systems Engineering and Development Institute and MITRE have also released best practices for cyber threat intelligence analysts to make better use of the framework.