Immersive Labs, the world’s most advanced cyber skills development platform, today integrated the MITRE ATT&CK™ framework, a globally-recognised knowledge base that maps attack phases against specific techniques, into its platform. This makes it the first technology globally to allow organisations to base cyber skills training on MITRE ATT&CK, meaning organisations can map and manage specific people’s skills to actual risks.
Traditional cyber training is often based on out-of-date attack methodologies, with the skills learnt quickly becoming outdated. While cyber criminals are continuously innovating, methods of upskilling security professionals has lagged behind. Mapping training to the MITRE ATT&CK framework, Immersive Labs’ gamified learning environments can ensure it is always based on the techniques and tactics actually being used by adversaries.
The MITRE ATT&CK matrix is maintained by contributions from security experts and is now widely adopted by organisations looking to better understand risk, standardise terminology and to evaluate the capabilities of security technologies. By using the framework, businesses are able to look at what they’re trying to protect, how they might be attacked and develop appropriate defence strategies.
Immersive Labs is now allowing organisations to measure the skills their security teams have against this key measurement and train people against proven attack techniques.
James Hadley, CEO and Co-Founder, Immersive Labs, said: “As most CISOs and other senior security leaders will only be too aware, benchmarking the capabilities of technology is pretty straightforward, it’s much harder to do against the skills of team members. By mapping skills and training to ATT&CK, organisations skill levels can be visualised in real-time, highlighting gaps or potential for increased investment and improving security teams’ ability to prevent and respond to events.”
Richard Struse, MITRE’s chief strategist for cyber threat intelligence, said “The MITRE ATT&CK knowledge base provides a common language for the cybersecurity community to use when describing adversary behaviors. We continue to be inspired by the ways the entire community is using ATT&CK to improve their defenses.”
The Immersive Labs platform uses real-time feeds of the latest attack techniques, hacker psychology and technological vulnerabilities to rapidly build gamified learning environments for IT and security teams. The platform can upskill people within hours of a threat emerging and can also be used to identify and fix less immediate weaknesses in the talent pool.
About Immersive Labs
Founder James Hadley had the initial idea after instructing GCHQ’s Cyber Summer School, teaching 18-25-year-old students everything from evasion to penetration testing over a ten-week period. He noticed the classes with the highest success rate were the ethical hacking challenges featuring games, which enabled students to solve problems, as opposed to sitting passively in a classroom. Just two years later, the company has grown from just two people to 65 globally. Immersive Labs has offices in Bristol, London, New York and Zurich.
For more information on Immersive Labs’ offering, please visit www.immersivelabs.com
