MITRE APT report

The MITRE APT Report in CyberFOCUS helps organizations understand and mitigate vulnerabilities by mapping them to adversary tactics and techniques. It provides valuable insights for security teams, enabling proactive defense strategies.

The MITRE Advanced Persistent Threat Groups (MITRE APTs) web report obtains data published through the MITRE ATT&CK® Framework, analyses it, compares it with the patch levels of the devices in your BigFix environment, and visualizes the analysis as a bar chart to help you make informed decisions to mitigate the security threat.

The MITRE ATT&CK® Framework documents real-world attack techniques used by Advanced Persistent Threat (APT) groups. For more details, visit MITRE ATT&CK.

Key Benefits of MITRE APT Report

  • The MITRE APT Report maps vulnerabilities to the MITRE ATT&CK framework, which tracks adversary tactics and techniques.
  • The report analyses the data within MITRE ATT&CK and correlates the tactics, techniques, and procedures leveraged by APTs with the BigFix Patch content based on the CVEs.
  • It highlights vulnerabilities linked to known adversary techniques.
  • It helps security teams understand attack vectors and prepare defense strategies.

Accessing MITRE APT report

To view the MITRE APTs report, from BigFix SaaS Remediate, click Apps > CyberFOCUS, and then click the MITRE APT tab.


CyberFOCUS MITRE Report Chart

CyberFOCUS MITRE Report Table

MITRE APT Report Data Representation and Interactions

CyberFOCUS displays MITRE APT data in an interactive table and chart, offering insights into an organization’s exposure to known threats.

MITRE APT Chart Representation
The chart represents the data as follows:
  • The stacked bars on the chart indicate the different CVEs that have been associated with a given APT group.
  • The colour of the bar indicates the unique CVE. The same colour on different bars indicates that the same CVE can be leveraged by different APT groups.
  • The X-axis indicates the APT group.
  • The Y-axis indicates the number of exposures.

MITRE APT Chart Interactions
  • Hover for Details: Hover over a bar in the graph to view additional details about the associated CVE and its impact on the applicable environment below the chart.
  • Show Selected Only: Filter the chart to display only the CVEs selected from the table.
MITRE APT Table Representation
The table provides a structured list of vulnerabilities with key details:

| Column Name | Description |
|---|---|
| CVE ID | Unique identifier for the vulnerability from the National Vulnerability Database (NVD). |
| CVE Name | Common name for the vulnerability. |
| APT Groups | List of APT groups known to exploit the vulnerability. |
| # of APT Groups | Number of APT groups associated with the CVE. |
| CVSS Score | Severity rating based on the Common Vulnerability Scoring System (CVSS). |
| Severity | Severity rating based on the impact categorized as High, Medium, or Low. |
| Due Date | The deadline by which the vulnerability should be remediated. |
| # of exposures | The total number of Fixlet-device mappings required to remediate the vulnerability. |
| # of applicable Fixlets | Total number of Fixlets that can be used to patch the affected devices. |
| # of relevant Fixlets | The subset of Fixlets that still need to be applied (after some patches have been deployed). |

MITRE APT Table Interactions
  • Click for More Information: Click on a CVE in the table to access in-depth details, including a description, applicable Fixlets, and affected devices. A direct link to the National Vulnerability Database (NVD) is available on the details page for further reference.
  • Sort Functionality: Sort vulnerabilities by any column in the table to quickly identify and prioritize threats.
  • Start Remediation: Select one or more CVEs from the table and click the Remediate button to initiate the CyberFOCUS remediation flow.