Category

Published Projects

Attack Flow v3

With Attack Flow, you will capture the entire attack and communicate what matters!

Continue reading

Threat-Informed Defense for the Financial Sector

Connect adversarial threat mitigations to cybersecurity program resources tailored to the financial sector, namely the Cyber Risk Institute Profile.

Continue reading

Ambiguous Techniques

Building upon the research of Summiting the Pyramid, Ambiguous Techniques is a methodology to determine malicious intent behind seemingly benign behavior by applying contextual analysis to ATT&CK techniques. Reduce false positives and uncover adversarial use of living-off-the-land activity.

Continue reading

Prioritize Known Exploited Vulnerabilities

Prioritize Known Exploited Vulnerabilities shows defenders how to take a threat informed approach to vulnerability management.

Continue reading

Security Stack Mappings – Hardware-Enabled Defense

The Security Stack Mappings – Hardware-Enabled Defense project demonstrates full stack threat-informed defense, from the hardware board to the software bytes.

Continue reading

Summiting the Pyramid

Summiting the Pyramid (STP) creates a methodology to score analytics against the pyramid of pain, helping defenders create more robust detections against adversary behavior. With this update, STP reduces false positives and expands scoring to network-based analytics.

Continue reading

Secure AI

A collaboration with MITRE ATLAS™ to advance security for AI–enabled systems that takes a threat-informed approach, enables rapid exchange of new threat information, and provides mitigation strategies.

Continue reading

Technique Inference Engine

Know your adversary’s next move with the Technique Inference Engine, a machine learning-powered tool that infers unseen adversary techniques, providing security teams actionable intelligence.

Continue reading

Defending OT with ATT&CK

Defending Operational Technology (OT) with ATT&CK provides a customized collection of MITRE ATT&CK® techniques tailored to the attack surface and threat model for OT environments. Historical attacks against OT and adversarial techniques contained in ATT&CK for Enterprise, ATT&CK for …

Continue reading

Top ATT&CK Techniques

Top ATT&CK Techniques provides defenders with a systematic approach to prioritizing ATT&CK techniques. Our open methodology considers technique prevalence, common attack choke points, and actionability to enable defenders to focus on the ATT&CK techniques that are most relevant to their …

Continue reading