in , , ,

Mitre Unveils Open-Source Tool ‘Workbench’ to Help Users Extend Local ATT&CK Knowledge Base

Mitre Unveils Open-Source Tool 'Workbench' to Help Users Extend Local ATT&CK Knowledge Base - top government contractors - best government contracting event

Mitre has introduced an open-source tool that seeks to help organizations ensure that their threat intelligence and tactics, techniques and procedures are aligned with the ATT&CK knowledge base, a framework of tactics and techniques used by threat defenders to classify cyberattacks and assess and organization’s risk.

The ATT&CK Workbench enables users to create, explore, annotate and share extensions of their local knowledge of cyber adversaries with the greater ATT&CK user community to facilitate collaboration, Jon Baker, director of research and development for the Center for Threat-Informed Defense at Mitre Engenuity, wrote in an article posted Tuesday.

Workbench comes with note-taking capabilities to allow users to annotate their copies of ATTT&CK. Notes could enable users to share informal knowledge within an organization, record potential knowledge and facilitate collaboration in development workflows.

The tool could allow users to create and extend ATT&CK data in a local knowledge base and Baker said such a capability enables several uses cases, such as documenting groups or software that target a specific organization, forming red-team techniques and creating a matrix with new tactics and techniques outside of the ATT&CK knowledge base’s scope.

With Workbench, users can tag objects as “reviewed,” “awaiting review” or work in progress and explore the history of an object to track changes.

The Center for Threat-Informed Defense developed the tool through a research project sponsored by Verizon, Microsoft, JPMorgan Chase, HCA Healthcare and AttackIQ.

ExecutiveBiz Logo

Sign Up Now! ExecutiveBiz provides you with Daily Updates and News Briefings about Cybersecurity News

mm

Written by Jane Edwards

is a staff writer at Executive Mosaic, where she writes for ExecutiveBiz about IT modernization, cybersecurity, space procurement and industry leaders’ perspectives on government technology trends.

Iridium Offers L-Band Broadband Service for Land, Maritime Applications - top government contractors - best government contracting event
Iridium Offers L-Band Broadband Service for Land, Maritime Applications
Daniel Teklu Elevated to Technical Director Role at GRSi; Diane Yarnell Quoted - top government contractors - best government contracting event
Daniel Teklu Elevated to Technical Director Role at GRSi; Diane Yarnell Quoted