p20319658
/
monkey
forked from p34709852/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
monkey/docs/content/usage/reports/mitre.md

29 lines
1.6 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
title: "MITRE ATT&CK report"
date: 2020-06-24T21:17:18+03:00
draft: false
---
The Monkey maps its actions to the [MITRE ATT&CK](https://attack.mitre.org/) knowledge base: It provides a new report with the utilized techniques and recommended mitigations, to help you simulate an APT attack on your network and mitigate real attack paths intelligently.
Watch an overview video:
{{% youtube 3tNrlutqazQ %}}
## How to use the report
The MITRE ATT&CK report is centred around the ATT&CK matrix:
![MITRE Report](/images/usage/reports/mitre-report-0.jpg "MITRE Report")
The Monkey rates your network on the attack techniques it attempted. For each technique, you can get
- **Red**: The Monkey **successfully used** the technique in the simulation. That means your network is vulnerable to this technique being employed.
- **Yellow**: The Monkey **tried to use** the technique, but didnt manage to. That means your network isnt vulnerable to the way Monkey employs this technique.
Then, you can see exactly HOW the technique was used in this attack, and also what you should do to mitigate it, by clicking on the technique and seeing the details. For example, lets look at the “Private keys” technique thats a part of employing the “Credentials Access” tactic:
![MITRE Report Credentials Access technique](/images/usage/reports/mitre-report-cred-access.jpg "MITRE Report Credentials Access technique")
In this example, you can see **from which machines** the Monkey was able to steal SSH keys, and the mitigations recommended, including **Restricting File and Directory access** and implementing **Network Segmentation**.
Reference in New Issue View Git Blame Copy Permalink