McLean, Va. & Bedford, Mass. (April 19, 2022) — MITRE Engenuity, MITRE’s tech foundation for public good, announced that MITRE ATT&CK DefenderTM (MAD), the cybersecurity community’s MITRE ATT&CK® training and certification program, is launching new purple teaming offerings, including threat hunting and adversary emulation credentials along with version 2.0 of its platform, now with a cyber range, to empower threat-informed defenders.
“One of the biggest benefits provided by purple teaming is that it leads to meaningful and actionable insight for the defenders”, says Steve Luke, director of training and certification, with MITRE Engenuity. “It clearly shows them their current posture, both strengths and weaknesses, against real-world TTPs (tactics, techniques, and procedures) to see what is and isn’t working to make the appropriate modifications.”
Version 2.0 of the MAD platform delivers a streamlined user experience and access to a cyber range thanks to a new joint initiative between CYBER RANGES and MITRE Engenuity, giving learners access to the CYBER RANGES next-generation cyber range platform. CYBER RANGES fully supports ATT&CK across its entire cyber range architecture. Through its Injector Engine, CYBER RANGES automatically can emulate the latest cyber threat intelligence-based attacks, advanced persistent threats (APTs), and specific tactics and exploits. Initially, MAD subscribers can access practice labs running on CYBER RANGES. New practitioner-level assessments and certifications are coming soon and will offer MAD subscribers a new way to prove their mastery of adversary emulation and threat hunting concepts.
Dr. Al Graziano, CEO for CYBER RANGES, commented, “We are delighted that MITRE Engenuity has selected CYBER RANGES as the cyber-range-of-choice for MAD 2.0. Our research, innovation, and community values very closely align with those of MITRE Engenuity’s MAD team. Our collaboration stems from our novel ‘top 10 abilities’ approach, which focuses on observable, measurable abilities to validate cybersecurity talent, and the underpinning TOAR platform, which supports strong cyber defense development ecosystems based on threat intel, next-gen cyber ranging and incident response.”
The MAD certification and training program, with more than 33,000 users and counting from across 90 countries and more than 1,600 companies, helps close the persistent cybersecurity skill gap to enable defenders to gain the advantage over adversaries. These new MAD training and certification resources come in addition to the 10 learning modules and two certifications that were already offered: ATT&CK SOC Assessments and ATT&CK Cyber Threat Intelligence.
“Not only will these hands-on training resources greatly benefit cybersecurity professionals on an individual basis, they also will provide greater peace of mind for organizations as a whole,” says Chriss Knisley, general manager, MITRE ATT&CK Defender, MITRE Engenuity. “The whole idea behind purple teaming is enhanced collaboration, and now, with the new training capabilities, security teams can work more closely together to successfully defend their organizations from the latest adversarial tactics and techniques.”
With the new offerings, MAD delivers cyber practitioners the ability to demonstrate their mastery of using MITRE ATT&CK in practical ways for SOC assessment, cyber threat intelligence, adversary emulation, threat hunting and purple teaming. MITRE ATT&CK provides a common language for each discipline to communicate with each other more effectively and better understand real-world adversary behaviors to better defend their networks and critical systems.
About MITRE Engenuity
MITRE Engenuity, a subsidiary of MITRE, is a tech foundation for public good. MITRE’s mission-driven teams are dedicated to solving problems for a safer world. Through our public-private partnerships and federally funded R&D centers, we work across government and in partnership with industry to tackle challenges to the safety, stability, and well-being of our nation.
MITRE Engenuity brings MITRE’s deep technical know-how and systems thinking to the private sector to solve complex challenges that government alone cannot solve. MITRE Engenuity catalyzes the collective R&D strength of the broader U.S. federal government, academia, and private sector to tackle national and global challenges, such as protecting critical infrastructure, creating a resilient semiconductor ecosystem, investing in pandemic preparedness, accelerating use case innovation in 5G, and democratizing threat-informed cyber defense.
About CYBER RANGES
CYBER RANGES is the ISO27001 certified state-of-the-art next-generation military-grade full-content-lifecycle platform for the validation of threat-informed cyber defense capability and cyber resilience. Built on cloud technology, CYBER RANGES applies high automation, high orchestration and high scalability to the delivery of even complex large-audience deep-dive drills based on high-fidelity IT/OT infrastructure replicas. Through TOAR (Training Orchestration, Automation and Response), CYBER RANGES combines threat intelligence, next-generation cyber ranging, and incident response platforms into an effective IT/OT cybersecurity ecosystem. CYBER RANGES is available as subscription-based, as managed service, as on-premise with a portable rugged deployment option.
Lisa Fasold, MITRE