Published : Apr 6, 2023
This project updates and expands the translation layer between VERIS and ATT&CK allowing ATT&CK to describe the adversary behaviors that were observed in an incident coded in VERIS. These connections allow for joint analysis of the information that ATT&CK describes well alongside the incident demographics and metadata that VERIS describes well.
Users of the VERIS data model lack a well-defined way to link incidents described in VERIS to the underlying adversary TTPs used in that incident.
Build and document a common and open method to link data in VERIS format to specific ATT&CK TTPs.
Empowers defenders to efficiently tie adversary TTPs to their real-world impact by connecting ATT&CK-based threat intel to VERIS-based incident reports.
Hear directly from research participants about this project and why it matters. Learn how these leaders are changing the game on the adversary.
Stay informed about new releases of R&D projects and other exciting updates from the Center for Threat-Informed Defense.