
MITRE ATT&CK

The MITRE ATT&CK framework provides a taxonomy of adversary tactics, techniques and procedures (TTPs). Cysiv SOC-as-a-Service uses it, through its platform, to help answer three important questions for clients:

The dashboard profiles over 200 techniques across the 14 tactic categories. Until a data source is selected, every technique appears grey.

[Screenshot: Cysiv - Mitre - 0 - Dashboard]

One Data Source: Adding firewall telemetry (e.g., Juniper) lets Cysiv detect 33 of the ~213 techniques (shown in green) as part of its SOC-as-a-Service.

[Screenshot: Cysiv - Mitre - 1 - Firewall]

Two Data Sources: Adding EDR telemetry (e.g., CrowdStrike) to the firewall data raises detection to 62 of the ~213 techniques (green).

[Screenshot: Cysiv - Mitre - 2 - Firewall + EDR]

Three Data Sources: Windows Sysmon and event logs + EDR + Firewall = 158 of the ~213 techniques.

[Screenshot: Cysiv - Mitre - 3 - Firewall + EDR + Windows]

Four Data Sources: Google Workspace + Windows Sysmon and event logs + EDR + Firewall = 160 of the ~213 techniques.

[Screenshot: Cysiv - Mitre - 4 - Firewall + EDR + Windows + Google]
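The progression above is a set-union calculation: each onboarded telemetry source covers some techniques, and the dashboard count is the size of the union so far. The following Python is an added example (not Cysiv's code or the platform's own logic) that reproduces that calculation for a small constructed mapping. The technique IDs are real ATT&CK IDs, but which source is assumed to cover which technique, and the 213 total, are illustrative assumptions, not a statement of any product's actual detection content. It also computes each source's unique contribution, the coverage that would be lost if that one feed went dark, which is the "detection value of a data source" a defender cares about when prioritising log onboarding.

```python
"""Cumulative MITRE ATT&CK technique coverage as telemetry sources are added.

Constructed example: the source-to-technique mapping below is an illustrative
assumption, not Cysiv's detection content. Technique IDs are real ATT&CK IDs.
"""
from typing import Dict, Iterable, List, Set, Tuple

# Assumption: which techniques each telemetry source can feed a detection for.
SOURCE_TECHNIQUES: Dict[str, Set[str]] = {
    "firewall":         {"T1046", "T1071", "T1110", "T1571"},
    "edr":              {"T1059", "T1003", "T1055", "T1110", "T1071"},
    "windows_events":   {"T1059", "T1053", "T1547", "T1003", "T1078"},
    "google_workspace": {"T1078", "T1566", "T1110"},
}

# Size of the technique matrix the dashboard profiles (~213 on the page above).
TOTAL_TECHNIQUES = 213


def covered_techniques(sources: Iterable[str],
                       mapping: Dict[str, Set[str]] = SOURCE_TECHNIQUES) -> Set[str]:
    """Union of techniques that at least one selected source can detect."""
    covered: Set[str] = set()
    for source in sources:
        covered |= mapping[source]          # KeyError on an unknown source name
    return covered


def coverage_pct(sources: Iterable[str],
                 mapping: Dict[str, Set[str]] = SOURCE_TECHNIQUES,
                 total: int = TOTAL_TECHNIQUES) -> float:
    """Share of the technique matrix turned green, as a percentage (1 decimal)."""
    return round(100.0 * len(covered_techniques(sources, mapping)) / total, 1)


def onboarding_steps(order: List[str],
                     mapping: Dict[str, Set[str]] = SOURCE_TECHNIQUES
                     ) -> List[Tuple[str, int, int]]:
    """Walk sources in onboarding order; return (source, newly_covered, cumulative).

    Mirrors the 1 -> 2 -> 3 -> 4 data-source progression: each step reports how
    many techniques this source adds that earlier sources did not already cover.
    """
    steps: List[Tuple[str, int, int]] = []
    covered: Set[str] = set()
    for source in order:
        new = mapping[source] - covered
        covered |= mapping[source]
        steps.append((source, len(new), len(covered)))
    return steps


def unique_contribution(source: str, selected: Iterable[str],
                        mapping: Dict[str, Set[str]] = SOURCE_TECHNIQUES) -> Set[str]:
    """Techniques only `source` covers among the selected sources.

    This is the detection value lost if that feed goes dark; a source with an
    empty result is fully redundant for coverage (though not necessarily for
    fidelity or context).
    """
    others = [s for s in selected if s != source]
    return mapping[source] - covered_techniques(others, mapping)


def cell_colour(technique: str, sources: Iterable[str],
                mapping: Dict[str, Set[str]] = SOURCE_TECHNIQUES) -> str:
    """Dashboard colouring rule: grey until some selected source covers the technique."""
    return "green" if technique in covered_techniques(sources, mapping) else "grey"


if __name__ == "__main__":
    order = ["firewall", "edr", "windows_events", "google_workspace"]
    for source, new, cumulative in onboarding_steps(order):
        pct = coverage_pct(order[:order.index(source) + 1])
        print(f"+ {source:<17} new={new:<2} cumulative={cumulative:<3} ({pct}%)")
    for source in order:
        print(f"only {source}: {sorted(unique_contribution(source, order))}")
```

Running the script prints one line per onboarding step and then each source's unique contribution. With this constructed mapping the EDR and Windows feeds overlap heavily on execution and credential techniques, while the firewall is the only source for the two network-scanning and non-standard-port techniques, which is the kind of result that tells a SOC which feed is load-bearing and which one is mostly redundant.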

Are you able to detect and respond to the most common TTPs?

Cysiv experts have a deep understanding of the detection value of different data sources, which is critical to ensuring the effectiveness and efficiency of modern threat detection and response.
