We are continuing our quest to implement new great features and make the vFeed Professional Services more effective.
Here the summary of this weekly update:
- Support of the Mitre ATT&CK initiative
- CAPEC data enrichement with “mitigations”
- Addition of newest OVAL sources
- Python 3.x API update
Introducing the Mitre ATT&CK support
MITRE’s Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) is a curated knowledge base and model for cyber adversary behavior, reflecting the various phases of an adversary’s lifecycle and the platforms they are known to target. ATT&CK is useful for understanding security risk against known adversary behavior, for planning security improvements, and verifying defenses work as expected.
(Example of CVE-2017-0154 export with Mitre ATT&CK id T1055)
Now you can leverage the vFeed Professional services unique approach to validate your controls against vulnerabilities mapped with the ATT&CK identifiers. Therefore vFeed can act like an accelerator for more efficient comprehensive analysis to connect mitigations, weaknesses, adversaries with patches, exploits and vulnerability data.
For this first release, we have added the support to Enterprise tactics and techniques.
(Example of CVE-2017-0154 export with CAPEC mitigation)