Balbix, the leader in cybersecurity posture automation, announced new platform capabilities to automatically map software vulnerabilities and endpoint security controls to the MITRE ATT&CK Framework. These new capabilities enable organizations to determine their unmitigated cyber risk accurately and better prioritize vulnerabilities for remediation. Security teams can use this information to reduce cyber risk faster and improve how they report risk to senior leadership and the board.
The MITRE ATT&CK Framework is a curated knowledge base of over 600 tactics, techniques and procedures (TTPs) that attackers use for carrying out a cyber attack. Tactics are the technical objectives of adversaries, for example, lateral movement. Techniques are the methods adversaries use to achieve their objectives, often broken out into sub-techniques. Unfortunately, the wealth of information in the MITRE ATT&CK Framework has been challenging to operationalize. According to Gartner® research, How to Use MITRE ATT&CK to Improve Threat Detection Capabilities, “The process of operationalizing security detection based on an ATT&CK TTP is not always straightforward or easy, and in many cases it is complicated by lack of data telemetry and high false positive rates.” Balbix offers the first solution to overcome these challenges.
Balbix uses advanced analytics to map common vulnerability and exposures (CVEs) to the TTPs outlined in the MITRE ATT&CK Framework. For each CVE instance, Balbix provides a complete description of the TTPs that can be used to exploit the vulnerability. Balbix also identifies which endpoint security controls are deployed on each vulnerable asset, and determines the efficacy with which the control can mitigate the open vulnerabilities. The higher the effectiveness of the controls, the less likely an attack will be successful.
“Security teams have found it challenging to determine the effectiveness of their deployed security controls against specific vulnerabilities and prioritize vulnerabilities using incomplete information,” said Chris Griffith, Chief Product Officer at Balbix. “With these new features, security teams can better understand how an adversary might carry out an attack and the unmitigated risk of open vulnerabilities.”
By mapping the MITRE ATT&CK Framework across an organization’s vulnerabilities and security controls, Balbix can provide more accurate vulnerability prioritization. Security teams learn which vulnerabilities pose the most significant risk to their organization and can take action accordingly. Balbix also allows security teams to more accurately calculate cyber risk for reporting and decision-making purposes.
“It’s one thing for organizations to identify what vulnerabilities they have in their environment, but it’s another thing altogether to understand what types of attacks can be carried out against those vulnerabilities,” said Ed Amoroso, Founder and CEO of research and advisory firm TAG Cyber. “By extending the use of the MITRE ATT&CK framework to risk-based vulnerability management, Balbix has made it easier for organizations to prioritize their vulnerabilities and calculate cyber risk accurately. As a result, they can reduce their biggest risks faster.”
To learn more about Balbix and how it maps vulnerabilities and security controls to the MITRE ATT&CK Framework, visit https://www.balbix.com.
Gartner, How to Use MITRE ATT&CK to Improve Threat Detection Capabilities, Joshua Ammons, 30 July 2021. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
Balbix enables businesses to reduce cyber risk by quickly identifying and mitigating their riskiest cybersecurity issues. Our SaaS platform, the Balbix Security Cloud™, ingests data from businesses’ security and IT tools so they can understand every aspect of their cybersecurity posture, build a unified cyber risk model and obtain actionable insights for risk reduction. With Balbix, businesses can automate their cloud and on-premise asset inventory, conduct continuous risk-based vulnerability management and quantify cyber risk in dollars. Executives and operational teams can make cybersecurity decisions based on data, not opinions.
A rapidly growing set of Fortune 500 companies trust Balbix as the “brain” of their infosec programs and are realizing the benefits of maximally automated workflows and reduced cyber risk. Balbix was recognized in CNBC’s 2022 list of Top 25 Startups for the Enterprise and ranked #32 on the 2021 Deloitte Fast 500 North America.