By Alice Chambers |
Microsoft and CrowdStrike have published the first version of their joint threat actor mapping, which includes a list of common actors that they track.
The reference guide will help to improve confidence in threat actor identification, streamline correlation across platforms and reports, and accelerate defender action against cyberthreats.
“One major cause of delayed response is understanding threat actor attribution, which is often slowed by inaccurate or incomplete data as well as inconsistencies in naming across platforms,” said Vasu Jakkal, corporate vice president of Microsoft Security. “This reference guide serves as a starting point, a way to translate across naming systems so defenders can work faster and more efficiently, especially in environments where insights from multiple vendors are in play.”
Microsoft will collaborate with Google/Mandiant and Palo Alto Networks Unit 42 on similar taxonomy mapping in the near future.
“Security is a shared responsibility, requiring community-wide efforts to improve defensive measures,” said Jakkal. “We are excited to be teaming up with CrowdStrike and we look forward to others joining us on this journey.”