Create a Post
Showing results for 
Search instead for 
Did you mean: 
Employee Alumnus
Employee Alumnus

MITRE ATT&CK framework for AWS is now supported by CloudGuard

CloudGuard Threat Intelligence  is adding support for MITRE ATT&CK framework for AWS.

MITRE ATT&CK® is a Matrix for Enterprise covering cloud-based techniques. It is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies.

CloudGuard clients can now evaluate their cloud deployments based on various attack vectors using well defined MITRE ATT&CK® framework.


For example one of the alerts that was produced by the CloudGuard Threat Intelligence is related to the MITRE ATT&CK ™ - Exfiltration tactics. This alert may indicate that this someone is stealing data from the cloud environment.


With visualization of the event, it is easy to tell that data is being transmitted from my internal cloud zone to some external IP.


Enrichment and integration with ThreatCloud™ (Check Point threat intelligence database that helps identifying and preventing threats) provides all the required information to triage and investigate this alert further.



For More information 

Latest Blogs:

0 Replies