Security Stack Mappings AWS

Published

Problem

Users of AWS lack a comprehensive view of how native AWS security controls defend against real-world adversary TTPs.

Solution

Map the effectiveness of each AWS security control against specific ATT&CK techniques.

Impact

Empowers defenders with independent assessments of which AWS controls are effective to mitigate relevant adversary TTPs.

Project Resources

Published: 21 September 2021

Funding Research Participants

Non-Profit Research Participants

Project Summary

This project empowers organizations with independent data on which native AWS security controls are most useful in defending against the adversary TTPs that they care about. It achieves this by mapping security capabilities of AWS to the ATT&CK techniques that they can protect, detect, or respond to. This will allow organizations to make threat-informed decisions when selecting which native security capabilities to use to protect their workloads.

World map showing connections, illustration

← Previous: ATT&CK Integration into VERIS Next: Threat Report ATT&CK Mapper - TRAM →