Future Work

The Summiting the Pyramid project is planning to look at other areas of research:

  • Analytic precision and addressing false positives while retaining robustness

  • Characterizing suitability of ATT&CK techniques to various levels of robustness

  • Lexical analysis and automated scoring of selected analytic query languages

  • Determining analytic robustness scoring for network-based analytics, from both a network-based sensing and a host-based sensing perspective

  • Generalizing the scoring methodology to additional operating systems and platforms

  • Analyzing multi-analytic robustness scoring, where one or more analytics depend on or relate to each other, chains of techniques, etc.

If you have any thoughts on future areas of research, please submit a GitHub issue.