Category

Blog

Put Your Money Where Your Adversaries Are: Exploited Vulnerabilities

Historically, vulnerability management and threat management have been separate disciplines, but in a risk-focused world, they need to be brought together.

Stacked Defense from the Hardware Up

The Security Stack Mappings – Hardware-Enabled Defense project demonstrates full stack threat-informed defense, from the hardware board to the software bytes.

Summiting the Pyramid: Bring the Pain with Robust and Accurate Detection

Summiting the Pyramid (STP) provides a methodology to score analytics against the pyramid of pain, helping defenders create more robust detections against adversary behavior.

The Best Defense is a Security Capability Mapped to ATT&CK

The Security Stack Mappings – Hardware-Enabled Defense project demonstrates full stack threat-informed defense, from the hardware board to the software bytes.

Threat-Informed Defense Applies Broadly – 2024 R&D Roadmap Update – Part Three

The third principle for our 2024 research program is Threat-Informed Defense applies broadly. You will find Center projects that apply threat-informed defense to artificial intelligence enabled systems, to hardware, and a variety of platforms.

Share the How – 2024 R&D Roadmap Update – Part Two

Our mission is to advance the state of the art and state of the practice in threat-informed defense globally. To make that transition from art to practice for all defenders, our second principle is Share the how.

Good Work Becomes Better Work – 2024 R&D Roadmap Update – Part One

Threat-informed defense identifies known adversary behavior, relevant to an organization’s threat model, and fosters a community-driven approach to enable an organization to proactively defend, self-assess, and improve defenses against those known threats.

Threat Informed Defense to Secure AI

The Secure AI research project is a collaborative effort between MITRE ATLAS™ and the Center for Threat-Informed Defense (Center) designed to facilitate rapid communication of evolving vulnerabilities in the AI security space through effective incident sharing. This research effort will boost …

Know Your Adversary's Next Move With TIE

Describing adversarial behaviors in the form of tactics, techniques, and procedures (TTPs) using MITRE ATT&CK® revolutionized detection and response. Focusing on TTPs creates an opportunity for high-fidelity detection of adversaries. If we can detect a behavior, the adversary will need to change …

Guarding the Grid: Defending Operational Technology With ATT&CK

Critical infrastructure such as electrical generation facilities, water treatment plants, and transportation systems is a lifeline for our communities. Unfortunately, this dependence has made critical infrastructure a prime target for threat actors.
