Anyone using the ‘ATT&CK’ framework in relation to gap analysis? If you could share some practical guidance on mapping current controls against the framework effectively, I’d be really interested. Seems a powerful approach, but also very time consuming and debatable. Any do’s and don’t are welcome!
Currently aiming to measure an Insider Threat solution for coverage on framework.