BI.ZONE Threat Intelligence offers a new analytical tool

The portal’s latest version features an all-in-one tool based on the MITRE ATT&CK matrix

July 22, 2024

The new section covers all the tactics, techniques, and procedures of the threat actors tracked by BI.ZONE Threat Intelligence. The user can dive deep into layers of data and configure the downloadable output to the desired level of detail. The matrix feeds on data from more than 70 clusters of activity.

Selecting a technique on the MITRE ATT&CK matrix generates a detailed view of respective sub‑techniques. For each of them, the user can see:

names of threat actors that have exploited the sub‑technique
detailed description of the procedures employed
information on command lines, malware, and other tools associated with each of the procedures

The information on techniques, sub‑techniques, and procedures can be filtered by target countries and industries. The data can be also segmented by clusters of activity, malware, and tools. For example, by selecting the Malware filter, the user will see how a particular technique has been used by malicious programs, while the information about threat actors and tools will be omitted.

The MITRE ATT&CK matrix is a must for any threat intel portal or platform. We decided to go a bit further and use the matrix as a foundation for our own analytical tool to deliver highly detailed data that includes procedures and command line descriptions. This will enable our clients to get most up‑to‑date and thorough intelligence on technical, tactical, operational, and strategic layers.

Oleg Skulkin

Head of BI.ZONE Threat Intelligence

The data provided in the new format will be useful to many—from SOC and other cybersecurity professionals to CISOs and senior executives involved in strategic planning and risk assessment.