Searchlight Cyber integrates MITRE ATT&CK Mapping into DarkIQ for dark web monitoring

Searchlight Cyber has integrated the MITRE ATT&CK Enterprise Framework into its dark web monitoring solution, DarkIQ. Aligning actionable dark web intelligence with a universally understood cybersecurity framework empowers all cybersecurity teams, irrespective of size, to contextualize ongoing threats and respond with recommended mitigations – further enhancing the value of dark web monitoring for identifying cyberattacks.

Dark web intelligence helps organizations to identify and pre-empt cybersecurity threats when hackers are in the early stages of their attack. However, teams can face difficulties in translating this insight into tangible actions – often due to a lack of context and to time and resource constraints. Security teams have to move quickly to stop a cyberattack, and this update enables them to act faster by giving them the context they need, in a language they understand.

MITRE ATT&CK is a public framework that promotes more effective cybersecurity by collating a huge volume of insight around attack methods and suggested responses. The framework is used by many organizations as a guide to help determine the best practice response to a security threat.

In particular, MITRE ATT&CK Mapping in DarkIQ helps organizations identify threats in the first two stages of the Enterprise Framework: reconnaissance and resource development. These planning phases of a cyberattack – which often take place on the dark web – are the only stages where organizations can respond before their network is breached. Greater ability to identify threats at this stage therefore gives security teams a better chance of preventing, rather than just responding to, cyberattacks.

Dr Gareth Owenson, CTO of Searchlight Cyber, explained: “Identifying the dark web threats to your organization is vital, but it’s what you do with that early warning that matters. Without having the knowledge of which mitigating actions to take based on dark web intelligence, organizations miss an opportunity to prevent a cyberattack before it has a chance to impact their business. By incorporating the MITRE ATT&CK Enterprise Framework into our DarkIQ platform, we are arming cybersecurity teams of all abilities with actionable next steps that they can use to respond to active threats, quicker.”

