This key contribution from ExtraHop provides new guidance for organisations as they integrate NDR into their security operations. It also builds on the company’s leadership around the MITRE ATT&CK framework, which is natively integrated into the ExtraHop Reveal(x) 360 interface.
MITRE ATT&CK is a globally accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, government, and the cybersecurity product and service community. The growing body of network attack behaviours in the MITRE ATT&CK framework serves as both a useful resource and a strong signal for organisations that NDR is a vital tool for detecting and responding to advanced threats.
“ExtraHop was one of the companies that contributed to our development of ATT&CK for Containers,” said Justin Roberts, cloud/containers lead for the MITRE ATT&CK team. “As we all work to help companies stay protected against attacks using knowledge bases like ATT&CK as a common language, contributors like ExtraHop, with expertise and experience with real-world attacks, help us support the security community in reaching that goal.”
“ExtraHop has admired the work the MITRE team has been doing for years, and we’re honoured to have been able to contribute to the latest version of the ATT&CK framework,” said Jeff Costlow, CISO, ExtraHop. “But the work isn’t over. Cyber attacks are only growing more sophisticated, and we must remain proactive and vigilant. That’s why we’re committed to continuing to work alongside MITRE, as well as our customers and partners, to continue identifying new attack techniques and developing ways to detect, investigate, and respond to them quickly.”
To learn more about how ExtraHop and MITRE work together, check out the blog here.
To try ExtraHop Reveal(x) for yourself, check out the live interactive online demo.
ExtraHop is on a mission to arm security teams to confront active threats and stop breaches. Our Reveal(x) 360 platform, powered by cloud-scale AI, covertly decrypts and analyses all cloud and network traffic in real time to eliminate blind spots and detect threats that other tools miss. Sophisticated machine learning models are applied to petabytes of telemetry collected continuously, helping ExtraHop customers to identify suspicious behaviour and secure over 15 million IT assets, 2 million POS systems, and 50 million patient records. ExtraHop is a market share leader in network detection and response with 30 recent industry awards including Forbes AI 50, Cybercrime Ransomware 25, and SC Media Security Innovator.