Capability Assessments

Evaluate and rate your organizations overall defensive posture against adversaries.

Unfetter Discover is all about showing a different perspectives and Cyber Threat Intelligence data that is related to what you know. Network Defenders are in a constant uphill battle to develop and implement new intrusion mitigations, establish security controls, and develop and implement analytics with their SIEM. How do you prioritize which mitigations to work on next? If a new threat is targeting your business sector, how do you know you are covered? We found time and again, organizations simply did not have the information in hand to answer these questions. The Capability Assessment Dashboard lets you evaluate your current state of mitigations, sensors, and analytics, and then shows you which MITRE ATT&CK™ techniques are gaps.

The Network Defender's tool of choice.

Your organization is making decisions about which mitigations, sensors or analytics you are putting in place, and what risks you are taking. You can't do it all, so how do you know you are focusing on the right gaps? The Capabilities Assessment workflow helps you evaluate your current operational risks by lettting you rate the Mitigations, Sensors and Analtyics you are using. The Capabilities Assesment then shows you your risks from the perspective if Intrusion attacker technqiues. You rate what you know, and Unfetter Discover gives you an evaluation from a completely different perspective. Take input from your Threat Reporters and Analytic Developers to see threats as they happen. Provide feedback to your Analytic Developers about which techniques to focus on next. Let others in your team rate based on their own expertise. Get reporting that your boss will love.

Review detailed reports accessible to both network defenders and managers

Adjust your baseline criteria to reflect your unique needs.

Thorough Assessment Criteria

Start an assessment based on the criteria you want to rate. You can create as many assessments as you want. They can be snapshots in time, or a living document. Each assesmsent is built off a set of objects that are in unfetter, such as analytics, mitigations or sensors. You can create new sensors, mitigations and analytics at any time. You can even break up the work among your team.

Capability Assessments

Easily gauge your accepted risk to inform defensive investments.

Rated Network Posture Results.

You will go through and rate how effective your mitigations, sensors or analytics are in your environment. This can be subjective, but the questions are designed to guide to a specific tiered answer. The focus is determining how well each individual rated item is implemented in your environemnt. You are answer questions about things you know. Assessments can be saved, updated, edited, and changed over time. For larger organization, farm out the survey to different people with different expertise.

Capability Assessments

Immediate and effective recommendations provide the most protection for the least amount of work.

High-level Results in Seconds

At any moment, determine your overall risk levels. Where MITRE ATT&CK™ tactics are your biggest risk? Where are you doing things right? The front dashboard shows you a high level view for your assessment. In an assessment, you answered questions about how you implemented mitigations, sensors and analytics. They were already mapped to the MITRE ATT&CK™ techniques, so you now get a different view of your risks. For instance, you are doing a great job of implementing patching, per CSC Control 3 (https://learn.cisecurity.org/20-controls-download). Thus, you have less risk against an Exploitation for Privilege Escalation (T1068)

Capability Assessments

Customized recommendations to effeciently strengthen your network defense.

In-depth Results wiht Courses of Action

Take a deep dive into every MITRE ATT&CK™ technique and how your risks stacks up. Starting with a MITRE ATT&CK™ Tactic, dive into how each technqiue is rated. Explore what that technique really is and how you rated each item. Did something change? You can change your assessment here. Want to add a new Analytic, sensor or mitigation? You can do that here also. New analytics that are created by the Analytic Exchange will show up and ready for you to evaluate. You can even see MITRE ATT&CK™ techniques where there is no mitigations, sensors or analytics in your environment. Your assessment is a living document. Reduce your risks, evaluate your environment, hone your reporting and better manage what risks to tackle next

Capability Assessments

Take a Tour of our other app features.

Threat Reporting

This is the text about threat reporting

GO ->
Analytic Exchange

This is the text about threat reporting

GO ->
Capability Assessments

This is the text about threat reporting

GO ->
Intrusion Set Dashboard

This is the text about threat reporting

GO ->

Join the Experiment. Developers and Security Professionals Welcome.

Unfetter is open source and looking for partners. If you have an idea for new functionality or a new workflow, let us know and submit an issue in GitHub. If you are a developer and have ideas on how to contribute, we welcome a pull request. We’re excited for everyone to join the experiment.

DOWNLOAD UNFETTER

Partner with Parsons for a more secure future.

Parson's corporation has been helping build Unfetter Discover into the product it is today. If you are you looking for a partner, please contact them.

CONTACT PARSONS