Mapping ATT&CK Data Sources to Security Events via OSSEM
The MITRE ATT&CK team just released the last entry of a two-part blog series in which they proposed a new methodology to start defining and extending the concept of ATT&CK data sources. They went from identifying opportunities and enhancing the current state of data sources all the way to operationalizing a methodology for improving the definition of current data sources and identifying new ones within the framework.