[vFeed Professional Weekly Update] Support to Mitre ATT&CK, CAPEC mitigations and other stories

    We are continuing our quest to implement great new features and make the vFeed Professional Services more effective.

    Here is the summary of this weekly update:

    • Support of the Mitre ATT&CK initiative
    • CAPEC data enrichment with “mitigations”
    • Addition of newest OVAL sources
    • Python 3.x API update

    Introducing the Mitre ATT&CK support

    MITRE’s Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) is a curated knowledge base and model for cyber adversary behavior, reflecting the various phases of an adversary’s lifecycle and the platforms they are known to target. ATT&CK is useful for understanding security risk against known adversary behavior, for planning security improvements, and verifying defenses work as expected.

    (Example of CVE-2017-0154 export with Mitre ATT&CK id T1055)

    Now you can leverage the unique approach of the vFeed Professional services to validate your controls against vulnerabilities mapped to ATT&CK identifiers. vFeed can therefore act as an accelerator for more efficient, comprehensive analysis that connects mitigations, weaknesses and adversaries with patches, exploits and vulnerability data.

    For this first release, we have added support for Enterprise tactics and techniques.

    CAPEC mitigations

    To stay aligned with the philosophy introduced by the ATT&CK initiative, we have implemented the CAPEC risk mitigations. Alongside the ATT&CK framework, the CAPEC mitigations will significantly shorten the process of identifying solutions and will extend the depth of the risk validation effort.

    (Example of CVE-2017-0154 export with CAPEC mitigation)

    New OVAL sources

    Another OVAL source has been implemented to extend the ability to check for vulnerabilities in other operating systems using an OVAL-compliant scanner. This new source brings the overall total of unique OVAL identifiers to 150.000+.

    Python 3.x API updates

    A new release 0.9.6 of the Python 3.x API was issued to handle all these changes. Read the full changelog.