MITRE’s CTNS names five national security officials to its newly established advisory board
MITRE’s Center for Technology & National Security (CTNS), created to enhance MITRE’s engagement with senior government leadership, named five highly esteemed national …

Guardicore Infection Monkey now maps its actions to MITRE ATT&CK knowledge base
Guardicore unveiled new capabilities for its open source Infection Monkey breach and attack simulation tool, used by thousands to review and analyze how their environments may …

CWE list now includes hardware security weaknesses
The Mitre Corporation has released version 4.0 of the Common Weakness Enumeration (CWE) list, which has been expanded to include hardware security weaknesses. About CWE The …

ATT&CK for ICS: Knowledge base of techniques used by cyber adversaries
MITRE released an ATT&CK knowledge base of the tactics and techniques that cyber adversaries use when attacking ICS that operate some of the nation’s most critical …
MITRE Engenuity to strengthen critical infrastructure
MITRE has launched a tech foundation to advance its mission of solving problems for a safer world by working with the private sector to strengthen critical infrastructure. The …
SentinelOne integrates the MITRE framework with its ActiveEDR and Ranger IoT capabilities
SentinelOne, the autonomous endpoint protection company, announced new EDR capabilities that take its integration with the MITRE ATT&CK framework to the next level. …
ThreatConnect Platform now supports MITRE ATT&CK framework
ThreatConnect, provider of the industry’s only intelligence-driven security operations platform announces the support of the MITRE ATT&CK framework, a globally-accessible …
ThreatQ adds support for mobile and PRE-ATT&CK in response to rapid customer adoption
ThreatQuotient, a leading security operations platform innovator, announced that the ThreatQ integration with MITRE ATT&CK now includes support for PRE-ATT&CK and …
MITRE’s ATT&CK to assess cybersecurity products based on APT29/Cozy Bear/The Dukes
MITRE’s ATT&CK Evaluations program will assess commercial cybersecurity products based on techniques used by APT29/Cozy Bear/The Dukes. Cybersecurity analysts believe the …

Supply chain attacks: Mitigation and protection
In software development, a supply chain attack is typically performed by inserting malicious code into a code dependency or third-party service integration. Unlike typical …
EclecticIQ integrates with MITRE’s ATT&CK framework
EclecticIQ announced the integration with MITRE’s ATT&CK (adversarial tactics, techniques, and common knowledge) Framework. The integration allows insights into …

Still relying solely on CVE and NVD for vulnerability tracking? Bad idea
2017 broke the previous all-time record for the highest number of reported vulnerabilities. The 20,832 vulnerabilities cataloged during 2017 by Risk Based Security (VulnDB) …
Featured news
Resources
Don't miss
- Coinbase suffers data breach, gets extorted (but won’t pay)
- Samsung patches MagicINFO 9 Server vulnerability exploited by attackers
- Building cybersecurity culture in science-driven organizations
- How Kim Crawley challenges big tech in “Digital Safety in a Dangerous World”
- Google strengthens secure enterprise access from BYOD Android devices