CISA Launches The Eviction Strategies Tool

Source: Packet Storm Security – News

Author: unknown

URL: https://www.cisa.gov/resources-tools/resources/eviction-strategies-tool

https://www.cisa.gov/resources-tools/resources/eviction-strategies-tool

ONE SENTENCE SUMMARY:

CISA’s Eviction Strategies Tool, featuring Playbook-NG and COUN7ER, aids cyber defenders in crafting customized incident response plans.

MAIN POINTS:

1. Playbook-NG and COUN7ER support incident response by providing systematic eviction plans.
2. The tool accelerates creation of response plans and offers tailored eviction strategies.
3. Users can export their inputs, but cannot alter the tool.
4. Playbook-NG uses MITRE ATT&CK® for matching incident findings with countermeasures.
5. COUN7ER database offers a collection of post-compromise countermeasures mapped to TTPs.
6. COUN7ER entries include intended outcomes, preparation, risks, guidance, and references.
7. CISA updates COUN7ER based on threat intelligence and incident observations.
8. Playbook-NG allows export in multiple formats like JSON and Microsoft Word.
9. Disclaimer emphasizes COUN7ER is informational, with users assuming all risks.
10. CISA encourages feedback through an anonymous survey.

TAKEAWAYS:

1. Tools are open source under the MIT License to encourage development.
2. COUN7ER aligns countermeasures with various security frameworks.
3. Playbook-NG provides incident templates for quick customization.
4. The tool helps in crisis response and tabletop exercise planning.
5. Feedback via an anonymous survey is welcomed by CISA.