Mobile Security & Enterprise Mobility Blog

Mobile Is Another Endpoint: MITRE ATT&CK Framework for Mobile

 

Mobile Is Another Endpoint: MITRE ATT&CK Framework for Mobile

This is the second webinar in a two-part series on how two non-profit organizations, the Center for Internet Security (CIS) and MITRE have adapted best practice guidelines to include mobile. The first webinar focused on CIS’ 20 Critical Security Controls

CISOs and CIOs know MITRE ATT&CK is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in both public and private sectors, as well as the cybersecurity product and service community. 

With the creation of ATT&CK, MITRE is fulfilling its mission to solve problems for a safer world — by bringing communities together to develop more effective cybersecurity. ATT&CK is open and available to any person or organization for use at no charge.

What CISOs and CIOs may not know is to how best use the expanded mobile knowledge base.  

In the second part of a two part series, Zimperium looked at how the ATT&CK knowledge base has expanded to cover mobile. JT Keating, Zimperium’s Vice President of Product Strategy, and Andrew Osborn, Zimperium’s Vice President of Global Solutions, presented the webinar on August 14th and took a look at MITRE’s ATT&CK for Mobile (AfM). Watch the on-demand webinar to learn more about:

  • MITRE’s AfM – a public knowledge base of tactics and techniques that enable adversaries to gain access to mobile devices and to then take advantage of that access to accomplish various malicious objectives;
  • Which AfM techniques are addressed by mobile device management (MDM) vendors; and
  • Which AfM techniques are addressed by mobile threat defense (MTD) vendors like Zimperium.