Balbix Declares Industry-First Capabilities to Map Software Vulnerabilities and Endpoint Security Controls to the MITRE ATT&CK Framework


Balbix, the leader in cybersecurity posture automation, announced new platform capabilities to automatically map software vulnerabilities and endpoint security controls to the MITRE ATT&CK Framework. These new capabilities enable organizations to determine their unmitigated cyber risk accurately and better prioritize vulnerabilities for remediation. Security teams can use this information to reduce cyber risk faster and improve how they report risk to senior leadership and the board.

The MITRE ATT&CK Framework is a curated knowledge base of over 600 tactics, techniques and procedures (TTPs) that attackers use for carrying out a cyberattack. Tactics are the technical objectives of adversaries, for example, lateral movement. Techniques are the methods adversaries use to achieve their objectives, often broken out into sub-techniques. Unfortunately, the wealth of information in the MITRE ATT&CK Framework has been challenging to operationalize. According to Gartner® research, How to Use MITRE ATT&CK to Improve Threat Detection Capabilities, “The process of operationalizing security detection based on an ATT&CK TTP is not always straightforward or easy, and in many cases it is complicated by lack of data telemetry and high false positive rates.” Balbix offers the first solution to overcome these challenges.

Balbix uses advanced analytics to map Common Vulnerabilities and Exposures (CVEs) to the TTPs outlined in the MITRE ATT&CK Framework. For each CVE instance, Balbix provides a complete description of the TTPs that can be used to exploit the vulnerability. Balbix also identifies which endpoint security controls are deployed on each vulnerable asset, and determines the efficacy with which the control can mitigate the open vulnerabilities. The higher the effectiveness of the controls, the less likely an attack will be successful.

“Security teams have found it challenging to determine the effectiveness of their deployed security controls against specific vulnerabilities and prioritize vulnerabilities using incomplete information,” said Chris Griffith, Chief Product Officer at Balbix. “With these new features, security teams can better understand how an adversary might carry out an attack and the unmitigated risk of open vulnerabilities.”


By mapping the MITRE ATT&CK Framework across an organization’s vulnerabilities and security controls, Balbix can provide more accurate vulnerability prioritization. Security teams learn which vulnerabilities pose the most significant risk to their organization and can take action accordingly. Balbix also allows security teams to more accurately calculate cyber risk for reporting and decision-making purposes.

“It’s one thing for organizations to identify what vulnerabilities they have in their environment, but it’s another thing altogether to understand what types of attacks can be carried out against those vulnerabilities,” said Ed Amoroso, Founder and CEO of research and advisory firm TAG Cyber. “By extending the use of the MITRE ATT&CK framework to risk-based vulnerability management, Balbix has made it easier for organizations to prioritize their vulnerabilities and calculate cyber risk accurately. As a result, they can reduce their biggest risks faster.”
