D3 Security, the leader in smart security orchestration, automation, and response (SOAR), today published In the Wild 2024, the first in a series of reports that analyzes real-world cybersecurity data and provides incident response workflows for the most prevalent threats. For this report, D3 tracked MITRE ATT&CK techniques across more than 75,000 security incidents to determine the 10 most frequently used adversary techniques. The most detected technique was Command and Scripting Interpreter, which was found in more than 50% of the incidents.
The research was conducted by D3 Labs, D3’s internal team dedicated to deep research into cybersecurity threats and creating innovative solutions to the challenges they pose. D3 Labs’ research is the basis for threat profiles, detections, stack-specific playbooks, and other valuable assets for D3 Smart SOAR users.
“Understanding what attacker techniques you are most likely to come up against is important, but you also need to know how to respond to those threats,” said Adrianna Chen, VP of Product and Service at D3 Security. “That’s why our report includes sample playbooks for each of the top 10 techniques, providing practical resources that security teams can immediately put to use.”
The data for In the Wild 2024 was collected, in collaboration with a subset of users, through D3 Smart SOAR, which integrates with hundreds of other tools and captures MITRE ATT&CK TTP information from ingested alerts. This makes it uniquely situated to track comprehensive data about what attacker techniques security teams are facing.
With incident response workflows for the top 10 ATT&CK techniques, In the Wild 2024 is an invaluable asset for security teams that want to more effectively allocate resources to mitigate the most common threats. The report can be downloaded for free from D3’s Resource Hub.
About D3 Security
D3 Security’s Smart SOAR™ helps solve many of the most entrenched problems in cybersecurity—including analyst burnout, alert overwhelm, and information silos—by transforming separate tools into a unified ecosystem with multi-tier automation, codeless orchestration, robust case management, and environment-wide reporting. Smart SOAR performs autonomous triage and drastically reduces false positives so that enterprise, MSSP, and public sector security teams can spend more time on real threats.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240410223611/en/