Threat-informed defense changes the game on the adversary. Threat-informed defenders read their adversaries’ playbooks and then orchestrate a defense based on that knowledge. MITRE ATT&CK® is the core of threat-informed defense as our framework of adversary tactics, techniques, and procedures …
MITRE ATLAS™ analyzed OpenClaw incidents that showcase how AI-first ecosystems introduce new exploit execution paths. OpenClaw is unique because it can independently make decisions, take actions, and complete tasks without continuous human oversight. By mapping the patterns and behaviors to ATLAS …
From large multinationals with mature cybersecurity programs to small startups, organizations around the globe use Attack Flow to track the APTs that are tracking them…
An ambiguous technique is a MITRE ATT&CK® technique whose observable characteristics are insufficient to determine intent. This means that the observable data does not allow us to confidently ascertain whether the intent…
In 2025, the Center for Threat-Informed Defense will develop the Fight Financial Fraud (F3) framework of tactics, techniques, and procedures (TTPs) used by fraud actors. The F3 framework may include new techniques that characterize known fraud TTPs. It will reference and refine existing ATT&CK …
The Center for Threat-Informed Defense applies a threat-informed approach to AI security that enables rapid exchange of new threat information, develops approaches to emulating those threats, and provides comprehensive and effective mitigation strategies.
The Center for Threat-Informed Defense has published the results of three new projects so far in 2025, as well as three updates within the corpus of Security Capability Mappings. Within the Center, our most impactful work comes from enabling efficiency and innovation across the industry, and we do …
Historically, vulnerability management and threat management have been separate disciplines, but in a risk-focused world, they need to be brought together.
The third principle for our 2024 research program is Threat-Informed Defense applies broadly. You will find Center projects that apply threat-informed defense to artificial intelligence enabled systems, to hardware, and a variety of platforms.
Our mission is to advance the state of the art and state of the practice in threat-informed defense globally. To make that transition from art to practice for all defenders, our second principle is Share the how.
