Publication Coming Soon
ATT&CK & D3FEND with a CAVEAT
Cybersecurity practitioners continue to search for adversarial threat models to drive system assessment and operational analytic development. While the Lockheed Martin Cyber Kill Chain intrusion model and the Microsoft STRIDE methodology have contributed to huge advancements in adversarial “Double Think”, MITRE’s ATT&CK® Framework was developed to provide more granular detail on adversarial tactics, techniques, and procedures (TTPs) with corresponding detections and mitigations. Still, developing an adversary perspective threat model that addresses all the mitigations demanded by NIST’s Cyber Security Framework (CSF) would appear to be an objective still out of reach. As MITRE’s D3FEND emerges to assist, the needs of the cloud security engineering industry are just becoming understood. The Cloud Security Alliance (CSA) and the MITRE Corporation have established the Cloud Adversarial, Vectors, Exploits, and Threats (CAVEaT) collaboration to bring more relevant content to the cloud security practice. This research will explore today’s available adversary perspective threat models relevant to cloud-based systems, examine their utility, and proposes a course of action for industry necessary to advance the state of the art for cloud adversary analysis.
This research document is still being finalized.
Please login to your account to request a notification when it becomes available.