Siemplify Integrates MITRE ATT&CK Framework into SecOps Platform

Siemplify announced it now delivers an integration to the MITRE ATT&CK framework, enabling security operations teams to incorporate rich data and actionable intelligence into their incident response workflows.

A globally accessible knowledge base of adversary tactics and techniques based on real-world observations, MITRE ATT&CK is used as a foundation for the development of specific threat models and methodologies in the private sector, government and in the cybersecurity product and service community.

The Siemplify integration with the MITRE ATT&CK framework automatically pulls and displays valuable insights and findings from MITRE inside the intuitive Siemplify analyst workbench, driving playbooks and enabling security analysts to expedite root cause analysis and reduce mean time to remediate (MTTR) by suggesting remediation actions.

Additionally, the integration provides security operations center (SOC) managers and security executives with knowledge to assess overall security performance, capabilities and risk, helping to uncover gaps in controls and prioritize investments.

The integration from Siemplify, available out of the box, includes:

  • Technique details: How attackers are attempting to compromise your environment.
  • Tactics: All adversary techniques rely on tactics, the actions used to reach a goal. Knowing these helps you prioritize the attack.
  • Mitigations: The steps you should follow to combat the attack.
  • Associated intrusions: Associated adversaries known to have used the attack vectors.

"The MITRE ATT&CK framework has become ubiquitous within enterprises because it significantly amplifies threat prevention, detection and response capabilities," said Meny Har, VP of product at Siemplify.

"Our integration with the MITRE ATT&CK framework combines our patented, threat-centric approach to managing security operations, which has proven to reduce caseload by up to 50 percent, with valuable attacker technique insights. This helps analysts become even more effective while driving best practices and intelligence across the entire security operations program."

Siemplify is redefining security operations for enterprises and MSSPs worldwide. The Siemplify platform is an intuitive workbench that enables security teams to manage their operations from end to end, respond to cyber threats with speed and precision, and get smarter with every analyst interaction.

Source: siemplify.co