
RE&CT Framework
#Operations Management #Security Operations
A Framework — Knowledge Base of Actionable Incident Response Techniques
A framework that serves as a knowledge base for actionable Incident Response techniques. This is a community-driven collection of Security Incident Response Playbooks. It also acts as a data source for the Atomic Threat Coverage framework.
The RE&CT Framework: Accumulating and Classifying Incident Response Techniques
The RE&CT Framework is specifically designed for gathering, describing, and classifying actionable Incident Response techniques. The philosophy of RE&CT is rooted in the MITRE ATT&CK framework.
Understanding the Columns as Response Stages
The columns in this context represent the various Response Stages.
The Cells Represent Response Actions
(Image generated by RE&CT Navigator)
Key Use Cases for Incident Response
Prioritization of developing Incident Response capabilities, which includes enhancing skills, acquiring or deploying technical measures, and developing internal procedures, among other activities.
Conducting a gap analysis to assess the 'coverage' of existing Incident Response capabilities.
Key Resources for RE&CT
RE&CT Navigator (a modified version of ATT&CK Navigator) is used for visualizing and understanding the overall landscape. The automatically generated RE&CT website serves as the primary source for detailed information about existing analytics. Additionally, there is an automatically generated Atlassian Confluence knowledge base that includes a demonstration of the exporting functionality. This platform provides actionable analytics.
Overview of the ATC RE&CT Project
The ATC RE&CT project, where ATC stands for Atomic Threat Coverage, is an initiative that focuses on enhancing the efficiency and effectiveness of ATC systems.