ATT&CK Integration into Veris v1
This is ATT&CK Integration into Veris Release v1. View the current release.
Project Summary
Published : Aug 26, 2021
This project created a mapping and translation layer between VERIS and ATT&CK that allows ATT&CK to describe the adversary behaviors that were observed in an incident coded in VERIS. This creates the opportunity for a joint analysis of the information that ATT&CK describes well (the behaviors adversaries use to attack systems) alongside the incident demographics and metadata that VERIS describes well.
View the most current release of ATT&CK Integration into VERIS
Problem
Users of the VERIS data model lack a well-defined way to link incidents described in VERIS to the underlying adversary TTPs used in that incident.
SOLUTION
Build and document a common and open method to link data in VERIS format to specific ATT&CK TTPs.
IMPACT
Empowers defenders to efficiently tie adversary TTPs to their real-world impact by connecting ATT&CK-based threat intel to VERIS-based incident reports.
Project Resources:
funding Research Participants
Share This Project
Stay Informed
Stay informed about new releases of R&D projects and other exciting updates from the Center for Threat-Informed Defense.