Engineering Blog


HITRUST and Microsoft’s Dynamic Duo Against Cyber Threats

HITRUST, a leader in information security and compliance assurance, has partnered with Microsoft to enhance its Cyber Threat Adaptive engine, introducing advanced AI capabilities to bolster the accuracy and timeliness of HITRUST CSF updates. This update enables HITRUST to analyze threat intelligence and breach data against CSF controls, ensuring relevance and effectiveness in managing cyber risk. Leveraging Microsoft Azure OpenAI Service and Defender Threat Intelligence, along with cross-referencing MITRE ATT&CK tactics, the engine now offers high-frequency analysis for timely insights. These enhancements not only provide immediate guidance for vulnerabilities but also lay the groundwork for future tools to conduct in-depth control assessments. This collaboration underscores HITRUST and Microsoft’s commitment to advancing cybersecurity intelligence and technology, empowering organizations to effectively combat cyber threats.

HITRUST Engine’s Latest Enhancements

  • Shift to Microsoft Azure OpenAI Service: The Cyber Threat Adaptive engine is transitioning its generative AI technology to Microsoft Azure OpenAI Service. This move enhances and accelerates analytical capabilities, ensuring control requirements align with the latest threat intelligence.
  • Integration of Microsoft Defender Threat Intelligence: The engine now incorporates Microsoft Defender Threat Intelligence, offering an expanded set of tested indicators of attack and compromise. This integration strengthens the engine’s ability to detect and respond to evolving cyber threats effectively.
  • Cross-Referencing with MITRE ATT&CK: The engine cross-references MITRE ATT&CK’s tactics, techniques, and procedures (TTPs) with requirements in the HITRUST CSF. This alignment enhances the engine’s understanding of cyber threat behaviors, enabling more targeted and effective control implementations.
  • Transition to High-Frequency Analysis: The engine has transitioned to high-frequency analysis, replacing the previous quarterly review cycle. This shift allows for more frequent assessments and threat bulletins from HITRUST, ensuring organizations stay informed about emerging threats in real-time.

Reference to the article : HITRUST

Follow us for more Updates

Previous Post
Next Post