SafeBreach Labs Contributes Attack Expertise to MITRE ATT&CK Framework

Drawing from Ground-Breaking Hacker's Playbook(TM), SafeBreach Labs Becomes Early Partner in Defining Open Source Attacker Technique Efforts

SUNNYVALE, CA--(Marketwired - Apr 18, 2017) - SafeBreach, the leading provider of continuous security validation, today announced that its research arm, SafeBreach Labs has become an early partner in The MITRE Corporation's research and knowledgebase of post-compromise threat intelligence known as the Adversarial Tactics, Techniques & Common Knowledge (ATT&CK) Framework, established in 2015. Drawing from its unparalleled 4 million (and growing) breach method Hacker's Playbook, SafeBreach Lab's initial contribution provides specific and actionable intelligence related to three major attack and exfiltration techniques.

According to the ATT&CK Framework project lead Blake Strom, "ATT&CK is meant to provide comprehensive coverage across a range of post-compromise adversary techniques in a structured framework so defenders are aware of what else to look for, increasing the odds of detection and successful incident response." Moving beyond indicators, ATT&CK "connects-the-dots" between vulnerabilities and attacker tools and techniques to better visualize and mitigate compromise attempts.

Regarding SafeBreach's contributions, Strom said, "As we did with the CVE standard, MITRE's goal is to bring together the collective expertise and experience of the industry, to empower organizations to better understand the adversary and their own risk. The adversarial behavior expertise that SafeBreach provides helps us grow and validate the ATT&CK model, which we hope will be beneficial across the security community, federal agencies and the commercial sector."

SafeBreach and the company's Co-founder and CTO Itzik Kotler are leading the research for the ATT&CK Framework project. SafeBreach Lab's initial contributions span methods for exfiltration, evasion and command and control. Kotler said, "Understanding the cyber kill chain is the first step. When you realize not only the scope of an attacker's toolset and technical options, but also the multitude of permutations in which those elements can be brought to bear, it's incredibly daunting. We applaud MITRE for yet again working to establish a common language for defenders, and look forward to an extremely productive partnership."

About SafeBreach:
SafeBreach is a pioneer in the emerging category of continuous security validation. The company's groundbreaking platform provides a "hacker's view" of an enterprise's security posture to proactively predict attacks, validate security controls and improve SOC analyst response. SafeBreach automatically executes breach methods with an extensive and growing Hacker's Playbook™ of research and real-world investigative data. Headquartered in Sunnyvale, California, the company is funded by Sequoia Capital, Deutsche Telekom Capital, Hewlett Packard Pathfinder and investor Shlomo Kramer. SafeBreach is a 2016 SINET16 Innovator, and a finalist for the RSA 2016 Innovation Sandbox and BlackHat Most Innovative Startup competitions. For more information, visit or follow on Twitter @SafeBreach.

About The MITRE Corporation:
The MITRE Corporation is a not-for-profit organization that operates research and development centers sponsored by the federal government. For more information, visit or follow on Twitter @MITREcorp; on

Contact Information:

Kayla Krause
CHEN PR for SafeBreach


Itzik Kotler, co-founder and CTO, SafeBreach