MITRE’s Centre for Threat-Informed Defence (CTID) and Microsoft have jointly rolled out Security Stack Mappings for Azure, aimed at bringing the former’s ATT&CK framework into the latter’s cloud platform.
MITRE is looking to boost the framework’s usage, hence the Microsoft partnership. The deal made Azure the first cloud platform to actively link to ATT&CK by mapping in-built security controls to the framework.
The project aims to fill an information gap for organisations seeking proactive security awareness about the scope of coverage available natively in Azure, so that they can secure their assets against the TTPs likely to target them.
The project, dubbed Security Stack Mappings, sees each of the security controls provided by Microsoft’s Azure platform mapped to ATT&CK threat techniques.
Microsoft’s Azure may be the first cloud platform targeted by MITRE’s project, but it won’t be the last. “The mappings between the Azure security stack and ATT&CK establish a foundation for future innovation.” Rival AWS will soon be integrated.
The information gap is widely noted when organisations limit how much they share, but as this project shows, working together clearly helps.
“Combining the framework with Azure serves up an extra layer of protection for organisations. As Microsoft and the rest of the industry now have a reliable way of repeatedly adding on the mapping of built-in security controls, it will inevitably help against ATT&CK techniques.”