Mitre’s Center for Threat Informed Defense is now offering a free Chrome browser extension, allowing for instantaneous searching of the ATT&CK framework knowledge base as simply as right-clicking on a term.
“The MITRE ATT&CK community spends too much time copying and pasting text from one place to another to achieve simple tasks like looking up ATT&CK technique IDs, linking to a software page, or just finding a term from the latest threat intel report in the ATT&CK knowledge base,” Mark Haase and Jon Baker wrote in their announcement of the extension, the chief engineer and director of research of the Center for Threat Informed Defence, respectively.
The extension, dubbed ATT&CK Powered Suit, was originally created at Fujitsu, who handed off an early version of the project to Mitre to develop.
ATT&CK Powered Suit streamlines the search process in several ways, creating an overlay capable of providing search results as you type, directing users to several selectable categories of information on the Mitre site or even sending a user off-site when relevant.
“It's a nice example of partnership. I think. Fujitsu had this idea, but didn't really have the infrastructure to release this. And the Center for Threat Informed Defense has this infrastructure to refactor a project, release it as open source and promote it and maintain it in the long run.,” Haase told SC Media.
The final extension keeps much of the front end and features of the original Fujitsu program, while making backend changes to create a zero-latency search from an index already downloaded to a user’s machine.
Though it's early for outside feedback, Haase said ATT&CK Powered Suit has been a hit at Mitre since testing began.
“The feedback from piloting with inside Mitre for a few months was that it just quickly became indispensable, and a lot of people were using this as their first resort instead of going straight to the attack website and looking for stuff there,” he said.