Microsoft and CrowdStrike have partnered to align their threat actor taxonomies, creating a joint threat actor mapping initiative to enhance cybersecurity efforts. The collaboration seeks to streamline how different cybersecurity vendors label hacking groups, since the various nicknames vendors assign to the same groups often lead to confusion. The effort aims to simplify tracking of threat actors, improve response times, and boost confidence in attributions by making overlapping activities easier to understand. Key industry players like Google and Palo Alto Networks are expected to join this initiative moving forward.
"By mapping where our knowledge of these actors align, we will provide security professionals with the ability to connect insights faster and make decisions with greater confidence," Vasu Jakkal, corporate vice president at Microsoft Security, said.
The initiative is seen as a way to untangle the menagerie of nicknames that private cybersecurity vendors assign to various hacking groups, which are broadly categorized as nation-state, financially motivated, influence operations, private sector offensive actors, and emerging clusters.
While the unified threat mapping system is a two-party effort, Google and its Mandiant subsidiary as well as Palo Alto Networks Unit 42 are also expected to contribute to the effort.
CrowdStrike said the alignment has led to the successful deconfliction of more than 80 adversaries, adding that the alliance aims to better correlate threat actor activities for security analysts.