Tesla CEO Elon Musk smiles as he addresses guests at the Offshore Northern Seas 2022 (ONS) meeting in Stavanger, Norway on August 29, 2022. (Photo by CARINA JOHANSEN/NTB/AFP via Getty Images)
The ATT&CK framework should account for the “full gamut of adversary behavior,” says one of the lead cybersecurity engineers who helps maintain the popular document.
MITRE and other "ATT&CK" advocates say the framework is ballooning as a popular way for people performing different roles in cybersecurity to speak the same language.
Tim Rudolph, Air Force Life Cycle Management Center chief technology officer, moderates a panel discussion titled “It’s Raining Data Centers” at the MITRE Corporation complex in Bedford, Mass., in 2014. MITRE is under pressure from Congress to change the way it handles the CVE process. (U.S. Air Force / Jerry Saslav)
The industry-wide program for naming and documenting vulnerabilities suffers from fluctuating funding and insufficient oversight, according to a House panel.