Overview


About the MITRE ATT&CK Report

As the cyber industry standardizes on the MITRE ATT&CK framework we also acknowledge vulnerability management by itself is not enough. We are working to integrate both to expand your command over CVEs. The Vulcan Cyber Voyager18 research team has mapped relevant ATT&CK Techniques to CVEs through a combination of machine learning and textual analysis. Read the white paper here.


The Vulcan Cyber analytics team has taken the MITRE Mapper service one step further to deliver a dedicated MITRE ATT&CK report.

Highlights:

  • Align your vulnerability and risk management program to the MITRE ATT&CK matrix to help implement a best-practice approach to risk prioritization and mitigation.

  • Map vulnerabilities in your environment to specific MITRE Tactics and Techniques using your preferred criteria and filters.

  • Drill down into vulnerability details to take informed action.


Before you dive in

First, make sure you cover the Analytics Filters and Data Drilling to learn about the expected behavior of the trends and presented data.


Vulnerability Instances by ATT&CK tactic and risk level

This bar stack widget presents the count of the vulnerability instances in your environment classified by ATT&CK Tactic and stacked by risk level.

  • Click on a tactic or a stack of vulnerability instances to focus the other widgets on the correlated data.


Vulnerability Instances by ATT&CK Tactic & Technique

This matrix presents the count of vulnerability instances arranged into Tactics and Techniques.

  • Hover over an element in the matrix to view the Max Risk and count of unique vulnerabilities.

  • Click on an element in the matrix table cells to filter the other widgets and focus on the correlated data.

  • Click to expand a technique to view a breakdown of the vulnerability instances by Tactics and Business Group. For example, when expanding the Compromise Client Software Binary Technique, we learn that the Cloud-env Business Group has 393 vulnerability instances that are categorized under the Persistence tactics and the Compromise Client Software Binary technique.

Click a Business Group to filter the other widgets and focus on the correlated data.


Unique Vulnerabilities by Technique

An interactive list of unique vulnerabilities affected by the data and elements selection in the other widgets.
This list of unique vulnerabilities displays risks in statuses “Vulnerable” and “In Progress” only. The list doesn’t display “Ignored” vulnerabilities or in Exception Request.

  • Click on the vulnerability hyperlink for more details and to take remediation actions.


Analytics FAQ and Data Validation

Read our Analytics FAQ and Data Validation article here.

Did this answer your question?