Your ATs to Ts: MITRE ATT&CK Attack Technique to P-SSCRM Task Mapping
By: Sivana Hamer , Jacob Bowen , Md Nazmul Haque and more
Potential Business Impact:
Protects computer programs from being hacked.
The MITRE Adversarial Tactics, Techniques and Common Knowledge (MITRE ATT&CK) Attack Technique to Proactive Software Supply Chain Risk Management Framework (P-SSCRM) Task mapping described in this document helps software organizations to determine how different tasks mitigate the attack techniques of software supply chain attacks. The mapping was created through four independent strategies to find agreed-upon mappings. Because each P-SSCRM task is mapped to one or more tasks from the 10 frameworks, the mapping we provide is also a mapping between MITRE ATT&CK and other prominent government and industry frameworks.
Similar Papers
Establishing a Baseline of Software Supply Chain Security Task Adoption by Software Organizations
Cryptography and Security
Helps companies pick the best ways to stop hackers.
Closing the Chain: How to reduce your risk of being SolarWinds, Log4j, or XZ Utils
Software Engineering
Protects software from hackers by finding weak spots.
Towards Socio-Technical Topology-Aware Adaptive Threat Detection in Software Supply Chains
Software Engineering
Finds hidden dangers in software building blocks.