{"id":2752,"date":"2018-06-09T15:33:53","date_gmt":"2018-06-09T15:33:53","guid":{"rendered":"http:\/\/websecuritypatterns.com\/blogs\/?p=2752"},"modified":"2018-08-09T16:12:21","modified_gmt":"2018-08-09T16:12:21","slug":"attck-navigator-for-studying-adversary-tactics","status":"publish","type":"post","link":"https:\/\/websecuritypatterns.com\/blogs\/2018\/06\/09\/attck-navigator-for-studying-adversary-tactics\/","title":{"rendered":"ATT&#038;CK Navigator: Studying Cyberthreat intelligence from adversary tactics and exploits"},"content":{"rendered":"<p>Since its inception, I have been following MITRE&#8217;s ATT&amp;CK Navigator knowledge base for studying (threat modeling) pre- and post-exploit techniques on Web, Mobile and Enterprise applications, particularly those running on Windows and Linux systems. Indeed, it is a great resource for understanding the devil in the details of attack techniques and simulating them, from simple credential hacking at initial access through exfiltration to command &amp; control. 
You can study and understand how adversaries launch and execute attacks, and evolve a defense strategy based on the threats we potentially face.<\/p>\n<p>MITRE announced version 2 of the ATT&amp;CK Navigator last week (I believe the last week of May 2018).<\/p>\n<div id=\"attachment_2758\" style=\"width: 1903px\" class=\"wp-caption alignleft\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-2758\" class=\"size-full wp-image-2758\" src=\"http:\/\/websecuritypatterns.com\/blogs\/wp-content\/uploads\/2018\/06\/ATTACK.png\" alt=\"\" width=\"1893\" height=\"1125\" srcset=\"https:\/\/websecuritypatterns.com\/blogs\/wp-content\/uploads\/2018\/06\/ATTACK.png 1893w, https:\/\/websecuritypatterns.com\/blogs\/wp-content\/uploads\/2018\/06\/ATTACK-768x456.png 768w, https:\/\/websecuritypatterns.com\/blogs\/wp-content\/uploads\/2018\/06\/ATTACK-624x371.png 624w\" sizes=\"auto, (max-width: 1893px) 100vw, 1893px\" \/><p id=\"caption-attachment-2758\" class=\"wp-caption-text\">MITRE Enterprise ATT&amp;CK Framework for Cyber Threat Intelligence<\/p><\/div>\n<p>To review each layer and define your custom attack matrix, you can create layers interactively within the Navigator, or generate them programmatically and then visualize them via the Navigator.<\/p>\n<p>For accessing Navigator from your browser:<\/p>\n<p>https:\/\/mitre.github.io\/attack-navigator\/enterprise\/<\/p>\n<p>For accessing Navigator using Mobile:<\/p>\n<p>https:\/\/mitre.github.io\/attack-navigator\/mobile\/<\/p>\n<p>Check out these URLs of the ATT&amp;CK Matrix for <a href=\"https:\/\/attack.mitre.org\/wiki\/Linux_Technique_Matrix\">Linux<\/a>, <a href=\"https:\/\/attack.mitre.org\/wiki\/Windows_Technique_Matrix\">Windows<\/a>, <a href=\"https:\/\/attack.mitre.org\/wiki\/Mac_Technique_Matrix\">Mac<\/a>&#8230; Will post more details on how to simulate an attack&#8230; soon.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Since inception, I had been following MITRE&#8217;s ATT&amp;CK Navigator 
knowledge base for studying (threat modeling) pre and post-exploit techniques on Web, Mobile and Enterprise applications more particularly running on Windows and Linux systems. Indeed, it is a great resource for understanding the devil in the details of attack techniques and simulate it from simple hacking credentials from the initial access&#8230; <a href=\"https:\/\/websecuritypatterns.com\/blogs\/2018\/06\/09\/attck-navigator-for-studying-adversary-tactics\/\">Read more &raquo;<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[15,85,5,21,9,86,84],"tags":[113,111,112],"class_list":["post-2752","post","type-post","status-publish","format-standard","hentry","category-cloud-security","category-dosddos","category-identity-management","category-java-security","category-security","category-threat-profiling","category-web-security","tag-attck","tag-threat-modeling","tag-web-security"],"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/posts\/2752","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/comments?post=2752"}],"version-history":[{"count":3,"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/posts\/2752\/revisions"}],"predecessor-version":[{"id"
:2759,"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/posts\/2752\/revisions\/2759"}],"wp:attachment":[{"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/media?parent=2752"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/categories?post=2752"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/tags?post=2752"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}