I'm feeling stupid reading this because I feel like it's using a tactical framework I'm not familiar with, e.g. what is the significance of the labeling of items like "Meeting Overload" with "T1001"?
FWIW my feeling is positive in regard to the core meaning being conveyed- I just feel like I'm missing out on something in not understanding the format.
kayo_20211030•1mo ago
I'm with you. What is this?
waldothedog•1mo ago
It looks like a sort of serial number or categorization. The first block they are T1. The second block they are T2. So each category (access, persistence, etc) is a T w a leading number and the issues/“tactics” inside of that have a 001, 002 etc, as a reference to that specific instance (meeting overload)
Edited for typos
RankingMember•1mo ago
Yeah I get that, I just don't understand the "why"
stackghost•1mo ago
Imagine the website is presenting you with a quicksheet about some new type of attack. It's called BUSY.
Initial Access covers how you being a BUSY attack. Execution covers how BUSY tends to manifest itself in normal operations. And so on, and so forth.
Note the domain: CISO Tradecraft. It's just the author(s) being cheeky in their presentation. If you aren't in a security-adjacent space I could see how it wouldn't land.
bytecauldron•1mo ago
Not saying there isn't anything valuable here but the entire site looks like an LLM prompt.
evanreichard•1mo ago
It's an homage to MITRE ATT&CK.
twuiketghtdgh•1mo ago
this site is a riff on mitre att&ck, a popular and highly-utilized framework for organizing and categorizing threat actor and malware tradecraft. it's also llm slop.
conkeisterdoor•1mo ago
The numbering of the challenges (eg T1001) is a little confusing to me too. My assumption is that the first number after the T is a tactic ID and the remaining digits are the challenge/issue ID. Maybe the challenge/issue ID is 3 digits because there's room (a plan?) to add many more examples?
I like the substance of this conceptual model as well (and may actually use some of it in my own personal productivity framework :-)), but don't see why it needs to be presented this way. It's neat, but I'd personally rather all the content be on one page, and maybe with a search feature for if/when the list of example challenges/issues grows.
jatins•1mo ago
Looks like an LLM generated site with little thought put behind it, flagged for a low effort submission
RankingMember•1mo ago
FWIW my feeling is positive in regard to the core meaning being conveyed- I just feel like I'm missing out on something in not understanding the format.
kayo_20211030•1mo ago
waldothedog•1mo ago
Edited for typos
RankingMember•1mo ago
stackghost•1mo ago
Initial Access covers how you being a BUSY attack. Execution covers how BUSY tends to manifest itself in normal operations. And so on, and so forth.
Note the domain: CISO Tradecraft. It's just the author(s) being cheeky in their presentation. If you aren't in a security-adjacent space I could see how it wouldn't land.
bytecauldron•1mo ago
evanreichard•1mo ago
twuiketghtdgh•1mo ago
conkeisterdoor•1mo ago
I like the substance of this conceptual model as well (and may actually use some of it in my own personal productivity framework :-)), but don't see why it needs to be presented this way. It's neat, but I'd personally rather all the content be on one page, and maybe with a search feature for if/when the list of example challenges/issues grows.