Aligning Falco’s Cloudtrail Rules with MITRE ATT&CK
Malware Analysis, News and Indicators - Latest topics malware.news
This blog will explain how Falco’s Cloudtrail plugin rules can be aligned with the MITRE ATT&CK Framework for Cloud.
One important note is that the team at MITRE has developed several different matrices to address the unique risk associated with adversaries in the cloud, in containerized workloads, and on mobile devices. In this blog post, we will align rules only to the Cloud matrix, whose tactics are listed below:
Initial Access
Execution
Persistence
Privilege Escalation
Defense Evasion
Credential Access
Discovery
Lateral …