Pith. sign in

REVIEW

Not yet reviewed by Pith; the record is open.

This paper has not been read by Pith yet. Machine review is queued; the pith claim, tier, and objections will appear here once it completes.

SPECIMEN: schema-true, not a live event

T0 review · schema-true

One-sentence machine reading of the paper's core claim.

pith:XXXXXXXX · record.json · timestamp

arxiv 2108.06559 v1 pith:RO6HEP7L submitted 2021-08-14 cs.CR

Security Assessment Rating Framework for Enterprises using MITRE ATT&CK Matrix

classification cs.CR
keywords securityassessmentframeworkmatrixratingtestingattackmitre
verification ladder T0 review T1 audit T2 compute T3 formal T4 reserved
0 comments
read the original abstract

Threats targeting cyberspace are becoming more prominent and intelligent day by day. This inherently leads to a dire demand for continuous security validation and testing. Using this paper, we aim to provide a holistic and precise security analysis rating framework for organizations that increases the overall coherency of the outcomes of such testing. This scorecard is based on the security assessment performed following the globally accessible knowledge base of adversary tactics and techniques called the MITRE ATTACK matrix. The scorecard for an evaluation is generated by ingesting the security testing results into our framework, which provides an organizations overall risk assessment rating and the risk related to each of the different tactics from the ATTACK matrix.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.