这 威胁性防御中心,由Miter Engenuity操作TM值,释放了一组 映射在Azure本地的安全控制下 Infrastructure as a Service (IaaS) platform and MITRE ATT&CK®. This release represents the first in a collection of mappings of native product security controls to ATT&CK based on a common methodology, scoring rubric, data model, and tool set. With these resources the Center has established the foundation for systematically mapping security controls to ATT&CK and provided a critical resource for organizations to assess their Azure security control coverage against real-world threats as described in the ATT&CK knowledge base.
将Azure平台或Platformsecurity控件的任何主机映射到ATT&CK的安全堆栈是一种经常主观的工作。 Furthermore, due to the large number of security controls in any given security stack and the evolving nature of cyber adversaries, these mappings are often error prone and difficult to maintain. In collaboration with Center Participants (Attactiq,,,, 恩斯特和年轻美国,,,, Hcahealthcare,,,, 摩根大通,,,, 微软,,,, 美国国家银行协会,,,, Verizon and one other participant), the Center recognized that there was not only a need for these mappings, but an opportunity to work collaboratively and advance threat-informed defense with the global community. With over 45 Azure native security controls mapped, the Center believes that this work will greatly reduce the burden on the community, empowering defenders with independent data on which Azure controls are most useful in defending against the adversary TTPs they care about.
尼古拉斯·阿蒙(Nicholas Amon)和乔恩·贝克(Jon Baker)的一篇新博客文章详细描述了这项工作。