CyCraft Classroom: MITRE ATT&CK vs. Cyber Kill Chain vs. Diamond Model


In cybersecurity, there have been several approaches used to track and analyze the various characteristics of cyber intrusions by advanced threat actors.

1. Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill ChainsIn 2011, the US Department of Defense officially incorporated cyberspace as a component of the fifth domain of warfare, Information Operations; the first four consisting of land, sea, air, and space.The defense contractor, Lockheed Martin, extended the military concept of a kill chain and adapted it to cybersecurity. The Cyber Kill Chain, as it is currently called, breaks down an intrusion into a well-defined sequence of seven phases from Reconnaissance to Actions on Objectives.

Read more…