In today's world of emerging threats, MITRE ATT&CK allows us to better understand attacker intent and act on the threats that have been detected.
The MITRE ATT&CK extension to SmartConsole (version R80.30 and above) exposes attacker intent by automatically analyzing your logs and using them to show your own ATT&CK landscape and the mitigations you need to take.
- The extension focuses on analyzing IPS & AB logs and depends on SmartEvent, which needs to be enabled.
- The report capability is available from R81.10 and will be ported to older versions after the R81.10 GA release.
The community version can be downloaded from this link:
https://secureupdates.checkpoint.com/appi/mitre/mitre_network/extension.json
If you have any questions, input, or challenges, please update us or send a direct email to orenkor@checkpoint.com