‘Active Defense’ is the term for limited offensive action within one’s network to engage the adversary. It has its roots in traditional military strategy and has become a desired capability for modern cybersecurity teams. So far, cybersecurity has been passive – we wait for adversaries to make a move, and then we react. Active defense allows security teams to ‘take back the advantage’ by making life difficult for the adversary both before and during their attempted intrusions. By setting traps for attackers, defenders gain faster, clearer, and more reliable information about ongoing attack tactics, meanwhile slowing the adversary down. MITRE Engage is a knowledge base and framework for applying the state-of-the-art in active defense, deception, and adversary engagement operations. It was developed by the team at MITRE, based on a decade of experience applying active defense principles to defend their network.
Adopting the MITRE Engage Framework With Zscaler Deception
