Exploring Threat Modeling with MITRE's ATT&CK Framework

The Shostack + Friends Blog has recently featured an insightful series focusing on threat modeling with the prominent ATT&CK framework, a project spearheaded by Tiffany Bergeron, who serves as the Chief Architect at MITREs Mappings Program. This four-part series is not just a casual overview but a comprehensive deep dive into the complexities and nuances of threat modeling, showcasing the depth of expertise available within the community.
The series elaborates on discussions initially presented by Kyle Wallace and Tiffany during a recent RSAC Virtual Seminar titled Building Resilient Systems. The seminar set the stage for a more extensive exploration of the ATT&CK framework, which is becoming increasingly vital for organizations aiming to bolster their cybersecurity posture in a landscape fraught with sophisticated threats. The video from the seminar is available for viewing and serves as an excellent entry point into the subject.
Tiffany expressed her enthusiasm about collaborating with her long-time colleagues from MITRE, emphasizing the importance of delving deeply into specific approaches to threat modeling. This collaboration is particularly significant in a field where insights and shared experiences can dramatically enhance understanding and effectiveness. She noted that the chance to explore where they aligned and diverged in their methodologies brought a refreshing perspective to their discussions.
Despite the importance of threat modeling, Tiffany pointed out a notable challenge: many organizations are still grappling with the fundamental aspects of the process, often described as being in the 'crawl phase' of development. This stage is characterized by initial enthusiasm that can quickly lead to frustration due to difficulties in coordination and execution. As organizations strive to establish effective threat modeling practices, they often encounter obstacles that hinder their progress.
The series of videos is hosted at the Center for Threat Informed Defense, which aims to foster deeper conversations and understanding around threat modeling and defense strategies. However, accessing the additional videos may require some navigation skills, as they can be slightly challenging to find. Viewers are advised to look for a menu at the top of the first video, where a small triangle icon will guide them to the further installments of the series.