Elemendar – CTI to STIX2.0 Automation Engine Now Incorporating MITRE ATT&CK™
4th Feb 2020
Tristan Palmer
tristan@elemendar.com
Businesses facing today’s complex cyber attacks can slash the time taken to secure their systems by using Elemendar’s v0.0.7 AI-driven Cyber Threat Intelligence (CTI) translator released this week. The new version now incorporates MITRE ATT&CK™ within STIX 2.0.
Cyber threat analysts are required to read, understand and react to dozens of CTI reports every day. There are too many reports to read and not enough hours or analysts available. This is a serious security bottleneck that creates far-reaching risks. If CTI is not acted upon promptly, new threats cannot be countered quickly enough.
Our AI engine reads CTI for analysts in seconds, saving considerable time and cost and better protecting organisations from threats. The automation of CTI and defence implementation throughout cyber security is critical to all aspects of cyber and therefore to all major organisations.
“The race to secure enterprise systems is about closing the door on a threat before you are targeted with an attack,” said Syra Marshall, CTO of Elemendar. “Pace of response is increasingly becoming a deciding factor in securing your organisation.”
Elemendar is a leader in developing AI to automate the reading and translation of Cyber Threat Intelligence (CTI) from human-authored unstructured text and documents into machine-readable and actionable data, output as STIX2 and incorporating MITRE ATT&CK™.
Please see our free trial of this here!
Background:
Founded in 2017 at the NCSC and GCHQ startup accelerator in the UK, Elemendar is the leader in developing AI to translate Cyber Threat Intelligence (CTI) into machine-readable and instantly actionable data. This can be fed directly into systems such as SIEMs and TIPs to reduce risk and return valuable time to analysts at the forefront of cyber defence across enterprise, government and law enforcement. Elemendar’s technology is used by both government and private customers.
CTI is what cyber threat information becomes once it has been collected, evaluated in the context of its source and reliability, and analysed through rigorous and structured tradecraft techniques by those with substantive expertise and access to all-source information. CTI is essential to protect enterprises, secure government and enable law enforcement.
STIX2 is the industry-standard taxonomy that describes CTI in a consistent way that both users and machines understand. STIX2 helps to reduce manual administration of CTI and improves collaboration between organisations.
MITRE ATT&CK™ is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community.