Whitepaper

MITRE Engenuity ATT&CK® Evaluations for ICS: Retrospective & Results

The MITRE Engenuity ATT&CK® Evaluations for Industrial Control Systems (ICS) is the first evaluation of the ICS threat detection market and simulates an attack against an operational technology (OT) environment. MITRE Engenuity used the MITRE ATT&CK knowledge base to emulate the tactics, techniques, and procedures (TTPs) associated with the TRISIS (aka Triton) malware. The malware has been used to compromise industrial systems around the world, including oil and gas and electrical plants in the Middle East, Europe, and North America.

This whitepaper details the simulation of a realistic multi-phase attack scenario used in the ATT&CK Evaluations, provides a day-by-day breakdown of the threat behaviors and techniques, and highlights how the Dragos Platform technology identified adversary behavior.

Take advantage of this free download to learn more about:

  • The emulation of XENOTIME, a real-world threat activity group tracked by Dragos
  • Insights from the 5-day simulated attack
  • How Dragos tracked the adversary through the MITRE ATT&CK for ICS framework
  • A candid assessment of Dragos Platform improvements