The Best Defense is a Security Capability Mapped to ATT&CK
The Security Stack Mappings – Hardware-Enabled Defense project demonstrates full stack threat-informed defense, from the hardware board to the software bytes.
Threat-Informed Defense Applies Broadly – 2024 R&D Roadmap Update – Part Three
The third principle for our 2024 research program is Threat-Informed Defense applies broadly. You will find Center projects that apply threat-informed defense to artificial intelligence enabled systems, to hardware, and a variety of platforms.
Share the How – 2024 R&D Roadmap Update – Part Two
Our mission is to advance the state of the art and state of the practice in threat-informed defense globally. To make that transition from art to practice for all defenders, our second principle is Share the how.
Good Work Becomes Better Work – 2024 R&D Roadmap Update – Part One
Threat-informed defense identifies known adversary behavior, relevant to an organization’s threat model, and fosters a community-driven approach to enable an organization to proactively defend, self-assess, and improve defenses against those known threats.
Threat Informed Defense to Secure AI
The Secure AI research project is a collaborative effort between MITRE ATLAS™ and the Center for Threat-Informed Defense (Center) designed to facilitate rapid communication of evolving vulnerabilities in the AI security space through effective incident sharing. This research effort will boost …
Know Your Adversary's Next Move With TIE
Describing adversarial behaviors in the form of tactics, techniques, and procedures (TTPs) using MITRE ATT&CK® revolutionized detection and response. Focusing on TTPs creates an opportunity for high-fidelity detection of adversaries. If we can detect a behavior, the adversary will need to change …
Guarding the Grid: Defending Operational Technology With ATT&CK
Critical infrastructure such as electrical generation facilities, water treatment plants, and transportation systems are a lifeline for our communities. Unfortunately, this dependence has made critical infrastructure a prime target for threat actors.
Industry Leaders Expand Threat Informed Defense to AI Enabled Systems
As artificial intelligence (AI) becomes increasingly integrated into various industries, the importance of securing AI-enabled systems cannot be overstated. Recognizing this critical need, the Center for Threat-Informed Defense is launching a major initiative to bolster security for AI-enabled …
Turn Your Threat Model to Supermodel with ATT&CK
Cybersecurity teams use threat modeling as a critical component of defensive cyber operations to understand and reduce threats to their systems and environments. To stay up to date on various threats, teams rely on cyber threat intelligence (CTI) reporting.
Software Security: Now Threat-Informed!
The CWE with Environmental CVSS Calculator brings threat-informed defense into the software development lifecycle. The result is better prioritization of weaknesses while software is being created and ultimately guides software engineering teams to develop software with fewer vulnerabilities.