CSO·Insight

Foreword: As the situation in the Russia-Ukraine war becomes increasingly anxious, Western countries have successively announced plans to impose comprehensive sanctions on Russia, and the United States has even included Russia in its technology export control list. Surprisingly, the impact of the Russo-Ukrainian war was so wide that it affected almost the entire global technology network. Many...

Red and blue confrontation is an important means to attack and promote defense, the key to the real network environment, the use of the attacker's perspective to discover the threat factors, so as to enhance the security protection capabilities, help enterprise security construction.

ATT&CK, as an attack modeling framework developed by the MITRE organization, is a collection of real attack vectors based on real-world observations, which contains numerous threat organizations that have been publicly reported and the tools and attack techniques they use, and can serve as a good reference and learning guide for red-blue confrontation. Therefore, the learning study of ATT&CK is used as the opening of the Red-Blue Confrontation series of articles.