💾 Weißes Papier

How SCADAfence Detects Triton Based on the MITRE ATT&CK Framework

September 13, 2021

There is a lot of buzz recently on the topic of MITRE ATT&CK for ICS and rightfully so. In early 2021, MITRE Engenuity ran its first evaluation of the ICS threat detection market. MITRE Engenuity ATT&CK Evaluations are intended to help vendors and end-users better understand a product’s capabilities in relation to MITRE’s publicly accessible ATT&CK for the ICS framework. For the ATT&CK Evals, MITRE Engenuity used the MITRE ATT&CK for ICS knowledge base to emulate the tactics, techniques, and procedures (TTPs) associated with the TRISIS/TRITON malware. 

SCADAfence’s research team ran an analysis within the SCADAfence Platform based on the MITRE Engenuity scenario which used the MITRE ATT&CK for ICS knowledge base to emulate the tactics, techniques, and procedures (TTPs) associated with the TRISIS/TRITON malware.

Download the report to learn why SCADAfence is the most advanced OT security vendor covering MITRE ATT&CK for ICS.