
Leveraging MITRE ATT&CK | Threat Deception in A Minute

Our team works constantly to make the CounterCraft Cyber Deception Platform easy and intuitive to use. Many of the functions of the Cyber Deception Platform can be deployed with just a few clicks of the mouse. This new series, Threat Deception in a Minute, highlights just how simple it is to get powerful deception technology set up in your system. Whether you’re a current customer or wondering what it’s like to utilize deception, you’ll find these videos quick, interesting and helpful.

This is the third installment in the series Threat Deception in a Minute. In this quick video, we see how MITRE ATT&CK is 100% integrated into the CounterCraft platform. MITRE ATT&CK is an industry-standard framework for classifying attacker behavior. It links observable behavior to a series of standardized TTPs, which are organized into a matrix to provide context to an event.

This integration provides full classification of TTP type within the MITRE ATT&CK matrix. We also include additional custom TTPs that we have collected from our deception experience.

It’s easy to harness the power of MITRE ATT&CK within the CounterCraft platform. To set it up, all you have to do is:

1) Open the campaign in the CounterCraft Cyber Deception Platform.

2) Check for notifications.

3) Each notification will display the event data that triggered it as well as the attacker behavior pattern detected.

4) View the MITRE TTPs involved, which are listed as tags and are also highlighted in the ATT&CK Matrix.

5) Click on the ATT&CK button from the Data Explorer to see the TTPs detected within a whole deception campaign.

Thanks to this integration with MITRE, it’s even easier to identify, classify and mitigate risk.

Watch the video to see the platform in action.

Threat Deception in a Minute | Leveraging MITRE ATT&CK
See just how simple it is to get powerful deception technology set up in your network
