
Amp up Security: MITRE’s SOC Strategies Go to 11. But Can We Go Higher?

MITRE strategy 10 says measure performance to improve performance. It’s important to set a baseline of where resources spend their time and energy — and what results they achieve. Resolution Intelligence Cloud can help with this by providing visibility — the complete operational picture across security and operations — and the ability to prioritize incidents based on risk to the business (identifying and separating the mundane from the urgent).

With that baseline established, organizations can improve SOC and IT interoperability and functionality. Hello, strategy 11.


MITRE Strategy 11: Turn up the volume by expanding SOC functionality

CHALLENGE: Cyber adversaries are continually evolving, and technology changes rapidly. SOCs need to keep pace.

MITRE suggests that once an incident response is mature, SOCs should enhance their programs with threat hunting, red teaming, deception, malware analysis, forensics, and tabletop exercises. Any of these can improve the likelihood of finding sophisticated adversaries.

We would add that there are already other, more advanced technologies to consider because they provide:

  • More data in real time, over time, avoiding the risk of filtering out signals that turn out to be important when combined with other signals
  • More analytics and machine learning to identify patterns from disparate data sources over time, beyond what detection rules may miss
  • More automation to relieve alert fatigue and up-level analyst skill sets
  • More effectiveness, enabling analysts to move beyond a reactive, whack-a-mole approach to closing tickets and instead focus on proactively avoiding vulnerabilities, predicting potential threats, and identifying where to focus first to minimize damage when incidents occur

Resolution Intelligence Cloud does all of the above today.

Using first-source and third-party curated threat intelligence, the platform crawls the web and weaves together indicators of compromise (IoCs) associated with new threats. If it detects a high rate of similar IoCs, it searches for real-time and historical context to determine if there’s been a breach. Note that it’s important to be able to store data for an extended period. As per the IBM/Ponemon Institute “Cost of a Data Breach Report 2022,” it takes an average of 277 days to detect and contain a breach. By taking this proactive step, SOCs can start to get ahead of threats, mitigating malicious compromises before they can cause damage.

And getting ahead is really what strategy 11 is all about. To beat the bad guys, you need to innovate, go beyond traditional constructs, and rethink how to run both security and IT operations.


Resolution Intelligence Cloud makes noise by lessening noise

In 2016, I wrote a book titled Threat Forecasting: Leveraging Big Data for Predictive Analysis. At that time, the technology that would enable predictive analysis for threat forecasting was just emerging. Now it’s here, ready, and it’s why I joined Netenrich to lead product management for Resolution Intelligence Cloud.

Throughout this MITRE blog series, I’ve discussed how Resolution Intelligence Cloud is not just another technology platform, but a new way to run security and IT operations at scale and speed. Purpose-built to enable operational resilience, it improves threat detection and response as well as availability and performance, delivering wins for both IT ops and security teams.

In short, Resolution Intelligence Cloud is a strategy in and of itself that helps SOCs implement and amp up nearly all of MITRE’s recommendations and, ultimately, transform and optimize both security and IT operations to deliver better business results.

