The IBM® X-Force® Incident Response and Intelligence Services (IRIS) cyberattack preparation and execution frameworks build upon the industry-standard conceptual approaches to analyzing a cyberattack. These industry-standard approaches include Lockheed Martin’s Cyber Kill Chain*, Mandiant’s Attack Lifecycle*, MITRE’s ATT&CK*, and others. The X-Force IRIS cyberattack preparation and execution frameworks provide a logical flow representative of attacks today and they also incorporate phases not typically included in other frameworks. As attackers continue to increase in sophistication, X-Force IRIS believes these additional phases are increasingly relevant. 

The X-Force IRIS attack preparation framework is a particularly important addition, as it is vital to understanding and responding to modern cyber incidents. The frameworks also incorporate the use of tactics that attackers employ to hide their attack planning, presence within a network and attribution to a specific country or group. The attacker may perform obfuscation tactics during both the cyberattack preparation and the cyberattack execution frameworks. These phases are identified as “operational security” and “defense evasion and monitoring” respectively. To read more, please download this report…

To Unlock This Resource Please Fill Following Details

You can withdraw your marketing consent at any time by sending an email to Also you may unsubscribe from receiving marketing emails from IBM by clicking the unsubscribe link in each such email.
More information on IBM processing of your personal data can be found in the IBM Privacy Statement. By submitting this form I acknowledge that I have read and understand the IBM Privacy Statement.


Please enter your comment!
Please enter your name here