MITRE ATT&K and the Pyramid of Pain: An Introduction

Before we delve into the MITRE ATT&CK framework, I’d like to give a little context to set the stage. Though wheels are turning, much of cybersecurity is still mired in “tradition.” That is to say, analysts are reading reports, journals, academic papers, news stories, etc. Relevant data is then transferred to a database or stored in their personal biological hard drive, their head. All of this data is then transferred to written reports that are then given to consumers.

To reduce the risk of vulnerabilities, IT administrators must ensure the devices they manage, which sometimes includes Mac devices, have the latest updates installed, even if support for Mac is not their major competency. 

In an ideal world, security teams would remediate all vulnerabilities as soon as they are discovered, eliminating both small and large risks. However, zero inboxing in the world of vulnerability management is a mere pipe dream. 

This article will give you an insight into virtual patching, what makes patching hard for businesses, the value of virtual patching and how to fix virtual patching issues. Let’s get started.

On November 3^rd, 2021, the Cybersecurity and Infrastructure Security Agency released Binding Operational Directive 22-01, a compulsory direction with the goal of systematizing and standardizing vulnerability remediation across federal agencies except for defined “national security systems” and “certain systems operated by the Department of Defense or Intelligence Community.”

Risk-based vulnerability management is the process of reducing vulnerabilities across the attack surface of an organization’s assets by prioritizing remediation based on the risks they pose. 

Has Vicarius Been Affected by Log4Shell?

Along with the rest of the cybersecurity community, we have been continuously monitoring for any evidence of Log4Shell exploit attempts in our digital environment. So far, we have found no evidence that TOPIA or any of our systems have been affected by CVE-2021-44228 or CVE-2021-45046. It is also our current understanding that we are not vulnerable to either CVEs according to data gathered from extensive testing.