The world is under near constant attack from cyber criminals, state-sponsored actors, and other entities that have the potential to impact the safety and security of your organization. With TAAM, you control whether or not you are prepared to meet today’s most formidable cyber adversaries.
Information is automatically retrieved and collected, with consolidated actor profiles.
Tactics, techniques, and procedures are mapped to the MITRE ATT&CK Framework.
Security defenses are tested with the same behaviors used by your adversaries.
Gain an accurate understanding of which threat actor groups could compromise your organization.
This award-winning product is a supplemental module for the Security Instrumentation Platform. TAAM allows your organization to proactively leverage existing threat intelligence and validate security posture against specific threat actors.
The TAAM dashboard provides a visualization of how your security controls perform against various Threat Actors. Each panel is populated based on the results of actions that have been run.
All users can resize, move panels, and update panel options and dates. Admins can update the default, system-wide dashboard, and organize panels as they see fit.
01 / 04
Tactics Radar
Click to Expand
02 / 04
Controls Panel
Click to Expand
03 / 04
Readiness Panel
Click to Expand
04 / 04
Trending Block Rate
Click to Expand
By default these sync every 24 hours - you can have them paused, change the frequency of the sync. The information coming in is slightly different based on what’s available.
Threat actor library is populated by retrieving information from your Threat Intelligence Integration Platforms (TIPs) or by manually creating a Threat Actor Profile.
Information for each threat actor is consolidated into unique threat actor profiles, including: threat actor tactics, techniques, procedures, aliases.
From a threat actor profile, you can run evaluations and sequences that are related to that threat actor and jump to the most recent job results.
A healthcare customer discovered major inconsistencies with their defenses in different parts of their network from attacks by APT41, a dual espionage and criminal threat actor that commonly targets their industry. TAAM allowed them to focus on improving their defenses against this attacker and demonstrate preparedness to their leadership.
Captive IOC (Indicators of Compromise) Actions allow for the safe evaluation of defensive performance related to blocking communication with publicly-routable destination addresses for a Threat Actor, using proxy/nat communication rules between actors.
Challenged by how to validate your security against today's most advanced threat actors? Our industry experts stand ready to help.
Shows how your security controls are doing in relation to the MITRE ATT&CK tactics. If the block rate is above 75%, the information displayed is green. If below, it is red. This is interactive and you can look deeper into each area.
Displays a series of bar charts showing the total number of tests run over a period of time. Data for this panel is based on job results for actions.
Displays how well you are protected against five threat actors, based on MITRE ATT&CK techniques. For a more general view, you can change this list to alphabetical order.
This panel allows you to quickly see how well your security controls block actions over a given timeframe. If the block rate is above 75%, the information displayed is green. If below, it is red.