Mapping ATT&CK techniques to CVEs should make risk assessment easier

From helpnetsecurity.com

ATT&CK CVE

Vulnerability reporters should start using MITRE ATT&CK technique references to describe what the attacker is trying to achieve by exploiting a given CVE-numbered vulnerability, the MITRE Engenuity team urges.

Read more…