VERIS, or the Vocabulary for Event Recording and Incident Sharing, is a set of metrics designed to provide a common language for describing cybersecurity incidents (and data breaches) in a structured and repeatable manner. VERIS provides cyber defenders and intelligence practitioners with the ability to collect and share useful incident-related information - anonymously and responsibly - with others. The VERIS Framework underpins the annual Data Breach Investigations Report (DBIR).
VERIS employs the A4 Threat Model to describe key aspects of incidents and breaches that affect victim organizations. Simply put, the A4 Threat Model seeks to answer: who (actor) did what (action) to what (asset) in what way (attribute) for threat modeling, intelligence analysis, breach mitigation and detection / response improvement.
Understand data breaches and cybersecurity incidents through the VERIS lens.
Identify the four components of the VERIS A4 Threat Model: actors, actions, assets, attributes.
Apply use cases for the VERIS A4 Threat Model.
Head | RDI, Verizon Threat Research Advisory Center,