MITRE ATT&CK
Test Your ATT&CK
Before the Attack
Simulate an automated APT Attack for attack
evaluation and mitigation
The Challenge
Organizations are always looking for ways to get a better grip on what techniques adversaries are using and how to ensure the right mitigations are in place. Even when using the MITRE ATT&CK framework, the most definitive resource of hacker techniques available today, they often lack the expertise and resources required to put this threat theory into place. Some of the challenges they´re facing with include:
- Ability to tell whether their organization is threatened by a specific MITRE ATT&CK technique and if it is – whether they´d be able to detect or prevent it from occurring in their organization.
- Lack of experience and specific expertise required to assess their organizational security posture.
- Lack of resources required for building defenses based con MITRE ATT&CK models.
- Ability to understand the impact of threats and the risk they pose on the organization.
Key Benefits
Test network defenses
Security teams can quickly and safely test network defenses and understand how they map to specific advanced persistent threats.
Get ATT&CK Analysis Report
The MITRE ATT&CK report maps the Infection Monkey attack results to the MITRE ATT&CK framework, allowing users to quickly discover internal vulnerabilities and rapidly fix them.
Works on every environment
Discover security gaps across all environments – bare metal, public and private clouds and even containers.
Don´t wait for an audit!
Don´t wait for an audit! Test your network on a regular basis against MITRE techniques and get the info you need on each technique to prepare for the next attack.
Features
- ATT&CK status report that shows you how the Monkey rates your network against the MITRE ATT&CK techniques it attempted.
- Wide coverage for tactics per each MITRE ATT&CK technique.
- Suggested mitigations along with detailed walkthrough of the attack.
- Monkey engages in various scanning, fingerprinting and post-breach activities. Check out the complete list of techniques in our documentation.
How it works
the MITRE ATT&CK knowledge base and then provide a report that:
- Rates your network based on its resilience to each of these attacks.
-
Describes how the attack
was attempted.
-
Provides prescriptive advice
on how to mitigate it.
For more information
Supported Platforms:
What MITRE ATT&CK techniques the Infection Monkey uses?
The MITRE ATT&CK matrix consists of tactics and techniques. Tactics represent the “why” – What objective did the attacker try to achieve with a specific attack method? Each tactic consists of an array of techniques that represent the “how” – how the attackers implemented the specific tactic?.
An example of a tactic is Privilege Escalation. One of its techniques is Process Injection, referring to how a bad actor is using process injection to escalate privileges.
Learn More about the Infection Monkey
Explore the Zero Trust Analysis Report.
Evaluate your Zero Trust gaps against the Forrester ZTX framework.
