{"id":37157,"date":"2020-09-16T16:00:39","date_gmt":"2020-09-16T16:00:39","guid":{"rendered":"https:\/\/www.microsoft.com\/security\/blog\/?p=91878"},"modified":"2020-09-16T16:00:39","modified_gmt":"2020-09-16T16:00:39","slug":"industry-wide-partnership-on-threat-informed-defense-improves-security-for-all","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/","title":{"rendered":"Industry-wide partnership on threat-informed defense improves security for all"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2020\/09\/FIN6-MESU-emulation-plan-MITRE.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>MITRE Engenuity\u2019s Center for Threat-Informed Defense has <a href=\"https:\/\/medium.com\/mitre-engenuity\/center-releases-fin6-adversary-emulation-plan-775d8c5ebe9b\">published<\/a> a library of detailed plans for emulating the threat actor FIN6 (which Microsoft tracks as TAAL), a collection of threat intelligence, MITRE ATT&amp;CK data, supporting scripts, and utilities designed to enable red teams to emulate the adversary and evaluate defensive capabilities in their environments.<\/p>\n<p>Microsoft, a founding member of MITRE Engenuity\u2019s Center for Threat-Informed Defense, is proud to be part of this industry-wide collaborative project. The Center for Threat-Informed Defense aims to bring together security researchers from across the globe to advance state-of-the-art approaches in cybersecurity.<\/p>\n<p>Through projects like publishing the <a href=\"https:\/\/medium.com\/mitre-engenuity\/center-releases-fin6-adversary-emulation-plan-775d8c5ebe9b\">FIN6 adversary emulation plan<\/a>, the center supports applied research and advanced development to improve cyber defense at scale. And because the center builds on MITRE ATT&amp;CK, the emulation plan aligns with a framework that security researchers and analysts are already familiar with and use in security operations.<\/p>\n<h2>FIN6: Evolving e-crime group<\/h2>\n<p>FIN6 is a sophisticated e-crime group, suspected to be of Russian origins, that has been operating since 2015. The financially motivated group is known to target point-of-sale or (POS) systems in the retail and hospitality industries using&nbsp;the FrameworkPOS and GratefulPOS malware strains. Recently, the group has expanded their activities to \u201cMagecart\u201d campaigns, in which they insert malicious scripts into online shopping websites to steal credit card data and other sensitive info.<\/p>\n<p>The group has also been observed utilizing existing Trickbot infections to gain access to target networks, move laterally through RDP brute force, and deploy Ryuk and LockerGoga ransomware payloads in specific locations. In addition, FIN6 has been seen leveraging the malware framework called \u201cAnchor\u201d, which has also been tied to Trickbot activity since 2018, lending credence to the alleged operational link between the two groups.<\/p>\n<p>These campaigns point to the group continuously evolving and broadening its objectives, attack tooling, and partnerships with other e-crime groups to further its financially motivated goals.<\/p>\n<h2>Critical, practical emulation plan<\/h2>\n<p>The FIN6 emulation plan published by the Center for Threat-Informed Defense assembles threat actor information, individual tactics, technique, and procedures (TTPs), and emulation plans. It collects threat intelligence that today exist in multiple places into a single resource, saving red teams time and effort in scouring, reading, and digesting information, while also delivering essential emulation information.<\/p>\n<p>Red teams looking to emulate the adversary, no matter their skill level, will find the plan beneficial. In addition to providing an overview of the threat actor, it lists required, publicly available tooling that will help ensure that prerequisites are met for a successful operation.<\/p>\n<p>The emulation plans are organized in phases, which are useful for structuring red team operations to emulate FIN6\u2019s goals and procedures. Tactics, techniques, and procedures (TTPs) implemented in CALDERA and Atomic Red Team style provide signals for all relevant MITRE ATT&amp;CK techniques. This assembly of information takes red teams from minimal knowledge to working emulation in short order.<\/p>\n<p>More advanced teams will likewise find this plan valuable. Even when teams are not limited to publicly available tools and command-line emulation, the TTP emulation plan can save time and be used as basis for implementing more complex and nuanced emulation, or for absorbing these capabilities into custom tooling.<\/p>\n<p>Ultimately, research like the FIN6 emulation plan provides critical, realistic emulation signals to blue teams faster. Because emulation plans that are usable off-the-shelf lowers the bar to receiving threat emulation signals, by and large, it helps improve defense capabilities.<\/p>\n<h2>Microsoft Threat Protection coverage<\/h2>\n<p>The FIN6 emulation plan covers a total of 16 MITRE ATT&amp;CK techniques, many of which are very tricky to detect because they blend into normal network activity, but all 16 are visible to Microsoft Threat Protection. Microsoft Threat Protection, which delivers coordinated cross-domain defense by consolidating threat data across endpoint, email and data, identities, and apps, has demonstrated its <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2020\/05\/01\/microsoft-threat-protection-leads-real-world-detection-mitre-attck-evaluation\/\">industry-leading detection capabilities in the latest MITRE ATT&amp;CK evaluation<\/a>.<\/p>\n<p>For seven of the techniques utilized by FIN6, Microsoft Threat Protection automatically raises real-time alerts, notifying security operations teams about the presence of the threat actor and its activities in a network. The rest of the FIN6 techniques are recorded by Microsoft Threat Protection as telemetry, which are presented as details within process trees in alerts.<\/p>\n<p>In addition, even with the evasive nature of these techniques, Microsoft Threat Protection stops processes related to three of the techniques on endpoints. It does this through next-generation protection capabilities, as well as the new <a href=\"https:\/\/techcommunity.microsoft.com\/t5\/microsoft-defender-atp\/introducing-edr-in-block-mode-stopping-attacks-in-their-tracks\/ba-p\/1596617\">endpoint and detection response (EDR) in block mode<\/a>. EDR in block mode transforms EDR detections into blocking and containment of malicious behaviors and artifacts.<\/p>\n<p>All related alerts and signals, as well as other important information like affected entities and remediation status, are consolidated into a single <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2020\/07\/09\/inside-microsoft-threat-protection-correlating-and-consolidating-attacks-into-incidents\/\">incident view<\/a>. This correlation of threat data allows security operations teams to determine the full scope of the threat on their environments, prioritize alerts based on severity level, and swiftly remediate affected assets.<\/p>\n<p>As part of Microsoft\u2019s own learning from the emulation plan and the partnership with the Center for Threat-Informed Defense, our researchers are looking into further improving coverage by looking into transforming telemetry into specific detections that raise alerts, where applicable.<\/p>\n<h2>Industry collaborations yields stronger protection for the ecosystem<\/h2>\n<p>Microsoft Threat Protection\u2019s 100% coverage of the MITRE ATT&amp;CK techniques covered by the FIN6 emulation plan demonstrates Microsoft\u2019s broad visibility into threats, especially sophisticated and persistent ones like FIN6 attacks. By partnering with the MITRE Engenuity\u2019s <a href=\"https:\/\/mitre-engenuity.org\/center-for-threat-informed-defense\/\">Center for Threat-Informed Defense<\/a>, we can share our insights and experiences to other members of the Center and to the industry in general, while also learning from other experts.<\/p>\n<p>Microsoft has always been a champion of industry-wide partnerships, because these result in better security for the whole ecosystem. To this end, we will continue to work with MITRE Engenuity for projects like this. We will also continue partnering with MITRE Corporation to build transparent and collaborative testing that benefits all.<\/p>\n<p><strong><em>Dana Baril, Ivan Macalintal, Kate Farris<\/em><\/strong><\/p>\n<p><em>Microsoft Threat Protection Research Team<\/em><\/p>\n<p> READ MORE <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2020\/09\/16\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>MITRE Engenuity\u2019s Center for Threat-Informed Defense has published a library of detailed plans for emulating the threat actor FIN6 (which Microsoft tracks as TAAL). Microsoft is proud to be part of this industry-wide collaborative project.<br \/>\nThe post Industry-wide partnership on threat-informed defense improves security for all appeared first on Microsoft Security. READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":37158,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[276],"tags":[8926,8927,347,7617,7221,4941,8928,8929,8930],"class_list":["post-37157","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-secure","tag-adversary-emulation-plan","tag-center-for-threat-informed-defense","tag-cybersecurity","tag-fin6","tag-microsoft-security-intelligence","tag-mitre","tag-mitre-attck","tag-mitre-engenuity","tag-taal"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Industry-wide partnership on threat-informed defense improves security for all 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Industry-wide partnership on threat-informed defense improves security for all 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-09-16T16:00:39+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/09\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"800\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Industry-wide partnership on threat-informed defense improves security for all\",\"datePublished\":\"2020-09-16T16:00:39+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/\"},\"wordCount\":1008,\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/09\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all.jpg\",\"keywords\":[\"adversary emulation plan\",\"Center for Threat-Informed Defense\",\"Cybersecurity\",\"FIN6\",\"Microsoft security intelligence\",\"MITRE\",\"MITRE ATT&amp;CK\",\"MITRE Engenuity\",\"TAAL\"],\"articleSection\":[\"Microsoft Secure\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/\",\"name\":\"Industry-wide partnership on threat-informed defense improves security for all 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/09\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all.jpg\",\"datePublished\":\"2020-09-16T16:00:39+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/#primaryimage\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/09\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/09\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all.jpg\",\"width\":1200,\"height\":800},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.threatshub.org\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"adversary emulation plan\",\"item\":\"https:\/\/www.threatshub.org\/blog\/tag\/adversary-emulation-plan\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Industry-wide partnership on threat-informed defense improves security for all\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Industry-wide partnership on threat-informed defense improves security for all 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/","og_locale":"en_US","og_type":"article","og_title":"Industry-wide partnership on threat-informed defense improves security for all 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-09-16T16:00:39+00:00","og_image":[{"width":1200,"height":800,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/09\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Industry-wide partnership on threat-informed defense improves security for all","datePublished":"2020-09-16T16:00:39+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/"},"wordCount":1008,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/09\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all.jpg","keywords":["adversary emulation plan","Center for Threat-Informed Defense","Cybersecurity","FIN6","Microsoft security intelligence","MITRE","MITRE ATT&amp;CK","MITRE Engenuity","TAAL"],"articleSection":["Microsoft Secure"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/","url":"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/","name":"Industry-wide partnership on threat-informed defense improves security for all 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/09\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all.jpg","datePublished":"2020-09-16T16:00:39+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/09\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/09\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all.jpg","width":1200,"height":800},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/industry-wide-partnership-on-threat-informed-defense-improves-security-for-all\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"adversary emulation plan","item":"https:\/\/www.threatshub.org\/blog\/tag\/adversary-emulation-plan\/"},{"@type":"ListItem","position":3,"name":"Industry-wide partnership on threat-informed defense improves security for all"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/37157","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=37157"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/37157\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/37158"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=37157"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=37157"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=37157"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}