Speakers at last week's MITRE ResilienCyCon conference had a surprisingly candid message for attendees: You will likely be breached at some point so focus on the controls and response capabilities yo...
If MITRE Engenuity's new MSSP evaluations are any indication, managed security service providers are a little like children from Lake Wobegon: They're all above average.
Of the 15 MSSPs that parti...
MITRE has released its latest list of the top 25 most exploited vulnerabilities and exposures found in software.
The MITRE CWE list is different from the product-specific CVE lists from the U.S. C...
MITRE Engenuity has released the latest round of its ATT&CK endpoint security evaluations, and the results show some familiar names leading the pack with the most detections.
The MITRE evaluati...
MITRE ATT&CK ("miter attack") is an up-to-date and widely-used knowledge base that focuses on how attackers think and operate. It’s based on practical use cases, so companies can better evaluate s...
MITRE is moving beyond its well-regarded endpoint security evaluations and will soon be testing other security services and products.
MITRE recently issued a call for participation for ATT&CK E...
It's been an active week for security vulnerabilities, with MITRE and the U.S. Cybersecurity & Infrastructure Agency (CISA) revealing hundreds of critical vulnerabilities.
CISA ordered federal ...
MITRE added a new wrinkle to its latest endpoint detection and response (EDR) evaluations, a test of endpoint security products' ability to stop an adversarial attack.
Previous MITRE evaluations and ...
MITRE Engenuity last month released the latest MITRE ATT&CK evaluations of endpoint security products, and the results contain some pretty big surprises.
MITRE doesn't analyze or comment on the...
John the Ripper is a popular password cracking tool that can be used to perform brute-force attacks using different encryption technologies and helpful wordlists. It’s often what pen-testers and ethic...