MITRE Engenuity, MITRE’s tech foundation for public good, and its Center for Threat-Informed Defense (CTID) today announced the launch of an affiliate program for organizations that advance state-of-the-art and practice in threat-informed defense. We are proud that Hunters has become a Founding Gold Affiliate in the CTID Program.
Hunters has long chosen MITRE, a trusted and objective voice in the security community, as its leading standard. Hunters' entire detection and scoring system uses MITRE ATT&CK®, as it has become the common language to describe adversary behavior. This allows a standardized naming convention while covering products from multiple vendors, who many times have their own distinct naming systems for threat actors and actions.
Hunters' detectors are assigned ATT&CK® Tactics, Techniques and Procedures (TTPs), which also dictate the default severity score, unless modified by the customer. Since Hunters SOC platform collects raw data and alerts from a variety of security and IT tools, it’s critical to use a common language and naming system. Thus, the SOC operator is able to quickly evaluate the situation, regardless of the vendor or product which generated the data or the alert.
A snippet of the Threat Coverage screen of Hunters SOC Platform, which leverages the MITRE ATT&CK framework
The Hunters MITRE Coverage map allows SOC teams to visually measure how well they can detect and respond to specific areas of the threat landscape. In doing that, SOC operators can better focus their attention and allocate their resources. For example, they can recognize important gaps in coverage and prioritize building additional custom detectors to cover specific threats or decide where additional data sources (in the form of security stack products) are required in order to fortify the defenses where they are lacking or most needed.
The MITRE affiliate program gives Hunters a critical head start in incorporating the center’s research and development (R&D) resources into our products and services. Outputs of all MITRE Center R&D projects are made freely-available globally, which enables Hunters to contribute not only to its customers, but also for the community, working together with the center to actively promote lessons learned and best practices.
Joining the MITRE Engenuity CTID marks a significant step to not only utilize the Center’s R&D resources, but also have a greater impact on the security community through the Hunters platform. It also helps us realize our mission to provide security teams with threat detection and response to quickly investigate and prioritize real incidents.
“We couldn’t be more pleased with Hunters’ teamwork and partnership in helping launch the Center’s affiliate program as a founding member. As an affiliate, the team at Hunters plays a critical role in highlighting how to leverage Center R&D to advance threat-informed defense.” - Jon Baker, director of R&D at the Center for Threat-Informed Defense.