The Global Cyber Alliance has joined the Sightings Ecosystem project, which was presented yesterday by MITRE Engenuity.
This project provides cybersecurity defenders and researchers with critical insight into real-world, in-the-wild adversary behaviors mapped to the MITRE ATT&CK® framework. The ecosystem aims to fundamentally advance the collective ability to see threat activity across organizational, platform, vendor, and geographical boundaries. Voluntarily contributed raw “sightings” or observations of specific adversary TTPs are mapped to ATT&CK, anonymized, and aggregated to produce intelligence.
From a sample of over 6 million sightings, normalized to about 1.1 million and restricted to the period from April 2019 to June 2021, up to 183 unique adversary techniques could be identified. A group of just 15 techniques made up 90 percent of all observed behaviors.
The Global Cyber Alliance is supporting this project as a research participant. Other participants in the initiative include AttackIQ, Fortinet, Verizon, and the Cyber Threat Alliance.
For further information about this valuable resource: