Mapping CVE Records to the ATT&CK Framework
CYR3CON and the team at Tag Cyber have published a new report outlining the enterprise security...
Exploring Malicious Hacker Communities: Background
The second of three posts from our guest author, Dr. Ericsson Marin focusing on the upcoming...
Exploring Malicious Hacker Communities: Introduction
Welcome guest author Dr. Ericcson Marin to the CYR3CON blog! We're excited to share a few...
ATT&CK and Vulnerability Management Part 6: A Holistic Approach
Over the previous five posts in this series, we looked at both the MITRE ATT&CK and CVE...
ATT&CK and Vulnerability Management Part 5: Disrupting Attack Sequences through Vulnerability Management
In our last post, we showed how CYR3CON mapped relationships among ATT&CK techniques using tools...
Docker/Kubernetes Part 6: Common Weakness Enumeration (CWE)
For our sixth and final post in this series about Docker and Kubernetes, we take a look at how...
ATT&CK and Vulnerability Management Part 4: Using Intelligence to Generate Attack Sequences
In the past few articles, we discussed how mapping ATT&CK techniques to CVE’s can help...
ATT&CK and Vulnerability Management Part 3: Considerations in Aligning CVEs and ATT&CK Techniques
In our last article, we discussed why one would want to align CVEs with ATT&CK techniques. In...
Docker/Kubernetes Part 5: Docker in Detail
Our fifth post in this series, covering details of Docker, is the complement to part four. Once...