In this short video, we will demonstrate how security teams can leverage the mapping of VMRay’s analysis results to the MITRE ATT&CK framework for more effective incident response.
ATT&CK is the industry-standard framework and knowledge base of adversary tactics and techniques, threat groups, and related software and tools.
The entire MITRE ATT&CK framework is mapped to VMRay Threat Identifiers (VTIs). This allows security teams to quickly understand the scale and impact of an incident, leading to actionable mitigation measures.
In this analysis of a malicious RTF document, we will use VTI matches and the MITRE ATT&CK framework to answer the following questions: