The MITER Engage framework provides defense strategies for the cyber defense community

MITER launched MITER Engage, a framework for communicating and planning cyber adversary engagement, deception and denial activities.

Informed by observed adversary behavior in the real world, Engage helps information security officers (CISOs), cyber defenders, and vendors implement defense strategies.

Opponent engagement and deception operations can halve the cost of a data breach, waste adversary time, and make it easier to detect attackers. Engage is the MITER ATT&CK framework, which allows practitioners to quickly identify an attacker’s vulnerabilities when using a specific ATT&CK technique and how to take advantage of those vulnerabilities.

“Engage is about empowering the cyber defense community,” said Maretta Morovitz, MITER Engage Manager. “Every day, adversaries launch cyberattacks. Some will always get through. Higher walls are not the complete solution. We need to stop what we can and be willing to engage with those who get away with it. With traditional cyber defense, the adversary only needs to be right once, but with cyber deception, the adversary only needs to be wrong once.

Building on MITER’s Shield framework and over 10 years of operational experience, Engage defines common terminology for the cyber defense community. More than a matrix, the Engage Toolkit featured on the website also includes a guide, starter kit, worksheets, posters, and other resources to reduce planning barriers while increasing engagement. expertise. CISOs can use Engage to create a business protection strategy, advocates can use it to implement that strategy, and vendors can use it to align their products with their users’ goals.

Over the past year, MITER has hosted a series of focus groups with vendors, advocates, and CISOs to solicit feedback and insights into the development of Engage. MITER also conducts regular adversary engagement operations to inform and pilot the assets it posts to the Engage website. And MITER continues to gather community thoughts and feedback on how Engage can help defenders.

“Engaging goes beyond a framework. It dives deep and broad into the entire adversary engagement process, from planning to analysis,” Morovitz said. “Additionally, as we grow the Engage community, we can continually improve and refine our cyber threat defense research.”

Comments are closed.