EclecticIQ Fusion Center Integrates with MITRE’s ATT&CK Framework
July 2018 by Marc Jacob
EclecticIQ announced the integration with MITRE’s ATT&CK™ (Adversarial Tactics, Techniques, and Common Knowledge) Framework. The integration allows for improved insights into the tactics, techniques and procedures (TTPs) of adversaries.
As adversaries get more skilled, the demand for precise threat intelligence increases. The analysts at EclecticIQ Fusion Center produce threat intelligence based on various open, community and commercial sources, both as pre-defined products and as customer-specific offerings. With the ATT&CK matrix ingested into EclecticIQ Platform, the analyst-centric Threat Intelligence Platform, attack patterns used in separate attacks can now be pinpointed.
The integration with MITRE’s ATT&CK framework creates equivalent STIX entities in EclecticIQ Platform. These entities are used as a common ontology to identify the specific activities of actors and capabilities so that overlaps can be identified.
EclecticIQ is a strong proponent of community and standardisation efforts within cyber security, and supports threat intelligence sharing standards such as STIX and TAXII. By embracing ATT&CK, EclecticIQ hopes to encourage other community members to make use of this curated knowledge base and help turn it into an industry standard.