An official website of the United States government
A .mil website belongs to an official U.S. Department of Defense organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

The Cyber Defense Review

Implementing Intrusion Kill Chain Strategies by Creating Defensive Campaign Adversary Playbooks

By Rick Howard | Ryan Olson | November 18, 2020

This paper extends the work of the Lockheed Martin research team on intrusion kill chains (the identification and prevention of cyber intrusions) in 2010. The theory has languished in the network defender community not because it is not the right idea, but because most InfoSec teams do not have the resources to implement it. What has prevented the success of the intrusion kill chain strategy is a standard framework to collect the intelligence associated with specific adversaries, to share and consume that standardized intelligence with trusted partners, and then to automatically process that intelligence and distribute new prevention controls to the network defender’s security stack. The adversary playbook is that framework.

 

FULL ARTICLE HERE



US Army Comments Policy