McAfee has announced the introduction of MITRE ATT&CK into McAfee MVISION Cloud, the company’s Cloud Access Security Broker (CASB). This new integration gives SecOps teams a direct source of cloud vulnerabilities and threats mapped to the tactics and techniques of ATT&CK. McAfee is the first CASB provider to tag and visualize cloud security events within an ATT&CK.
“By translating cloud threats and vulnerabilities into the common language of ATT&CK, MVISION Cloud allows security teams to extend their processes and runbooks to the cloud, understand and preemptively respond to cloud vulnerabilities, and improve enterprise security.” said Rajiv Gupta, senior vice president and general manager of Cloud Security, McAfee.
The ATT&CK integration with McAfee MVISION Cloud introduces new capabilities to mitigate the risk of cloud attacks and vulnerabilities, including the ability to:
• Advance from Reactive to Proactive
• Break Silos
• Take Direct Action
With the introduction of ATT&CK into McAfee MVISION Cloud, there is no longer the need to manually sort and map incidents to a framework like ATT&CK or to learn and operationalize a separate framework for cloud threats and vulnerabilities, especially as cloud-native threats become more abundant. Security teams using MVISION Cloud now have all of their threat incidents automatically mapped to ATT&CK, allowing them to see all cloud attacks that have been fully executed; attacks in progress in order to take action; as well as the ability to combine incidents, anomalies, threats and vulnerabilities into one holistic, familiar view.