Recently, the MITRE Corp. has released a guide that catalogs measures that organizations can take to combat and counter intruders on their networks. Much like MITRE’s ATT&CK Framework that offers a comprehensive listing of attacker behavior, the new Shield framework, is a publicly available knowledge base that outlines tactics and techniques for proactive defense measures for the listed attacks. The purpose behind this framework was to provide security practitioners with adversary details and tactics in order prepare and mount a more active defense against them.
Using the lessons learned from an adversary’s attack, the Shield Framework documents how the adversaries perform the attack, what tools they use, what they do after the breach, and even what they could be looking for. The document will allow security professionals to drill down on each of the cells, which shows techniques for containment of an adversary, information on each technique, and even potential use cases to detect them.
MITRE Corp. stated that they wanted to get people thinking about proactive defense measures as the driving force for creating the Shield Framework. Christina Fowler, Chief Cyber Intelligence Strategist at MITRE is quoted as saying "We've put Shield together to see if we can really get a conversation started about the benefit of active defense." It's definitely a conversation worth having and something we are passionate about in house at CyberForce|Q. Our goal is one in the same, striving to move organizations from a re-active to pro-active stance with their cybersecurity operations and bringing cybersecurity professionals together to share defensive techniques learned from experience. If you would like to change your cybersecurity posture to a more pro-active stance, we can help! Contact us today to find out where you stand and how we can help advance your cybersecurity operations. Move into the future of cyber!