BLOG

Exploring Malicious Hacker Communities: Predicting Imminent Cyber Threats

Cyber attacks don't come out of nowhere - although people still believe this chaotic scenario...

Mapping CVE Records to the ATT&CK Framework

CYR3CON and the team at Tag Cyber have published a new report outlining the enterprise security...

Exploring Malicious Hacker Communities: Background

The second of three posts from our guest author, Dr. Ericsson Marin focusing on the upcoming...

Exploring Malicious Hacker Communities: Introduction

Welcome guest author Dr. Ericcson Marin to the CYR3CON blog! We're excited to share a few...

ATT&CK and Vulnerability Management Part 6: A Holistic Approach

Over the previous five posts in this series, we looked at both the MITRE ATT&CK and CVE...

ATT&CK and Vulnerability Management Part 5: Disrupting Attack Sequences through Vulnerability Management

In our last post, we showed how CYR3CON mapped relationships among ATT&CK techniques using tools...

Docker/Kubernetes Part 6:  Common Weakness Enumeration (CWE)

For our sixth and final post in this series about Docker and Kubernetes, we take a look at how...

ATT&CK and Vulnerability Management Part 4: Using Intelligence to Generate Attack Sequences

In the past few articles, we discussed how mapping ATT&CK techniques to CVE’s can help...

ATT&CK and Vulnerability Management Part 3: Considerations in Aligning CVEs and ATT&CK Techniques

In our last article, we discussed why one would want to align CVEs with ATT&CK techniques.  In...

Docker/Kubernetes Part 5:  Docker in Detail

Our fifth post in this series, covering details of Docker, is the complement to part four.  Once...