Individual Contributors
The Center for Threat-Informed Defense is a non-profit, privately funded research and development organization operated by MITRE. The Center’s mission is to advance the state of the art and the state of the practice in threat-informed defense globally.
Comprised of participant organizations from around the globe with highly sophisticated security teams, the Center builds on MITRE ATT&CK®, an important foundation for threat-informed defense used by security teams and vendors in their enterprise security operations.
We are frequently asked how individual contributors can participate in the Center's work. While we do not offer a membership level for individuals, we do encourage individuals to engage with our R&D projects. This page describes a range of ideas for individuals to make meaningful, and impactful contributions.
Ways to Contribute
Use the Work
The most important way for individuals to contribute is to use the Center's work! Visit Our Work and find the projects that are most meaningful to your day-to-day work or that inspire you to learn a new topic within the cybersecurity field. Pick one of those projects and work with your colleagues to adopt it in your organization. Send us your feedback on the work by emailing us at ctid@mite-engenuity.org.
Spread the Word
Our mission is global, and we rely on cybersecurity practitioners around the world to be ambassadors for threat-informed defense. Follow us on LinkedIn and YouTube to stay current on our latest projects and updates. Like, comment, and share the projects within your professional network so that we can grow the threat-informed defense movement across all industry sectors and around the globe.
Meet Us
The Center attends and hosts a variety of conferences and workshops around the globe. Follow us on LinkedIn to see where we will be, come hear us speak, and join the conversation. Check out our Events Page to see our upcoming events and register, or view recordings from past events.
Code
Each of our projects has an open source repository on GitHub. Click on the "Issues" tab to see what work is outstanding. If you find something you'd like to work on, leave a comment in that thread so we can discuss it. When you are finished with the work, submit a pull request so that we can review and merge your changes into the project.
Contributions Welcome to these Projects
Attack Flow
- Use the Attack Flow Builder to create a new flow and then submit it for inclusion in our corpus by making a pull request.
- Embed attack flows into your cyberthreat intelligence, whether for internal use or for publication. If you publish an attack flow, let us know so we can amplify it.
Threat Report ATT&CK Mapper (TRAM)
- If you are a data scientist, augment the project's training data with your own training data and try re-training the model. If your data is open source, send us a pull request to merge your training data into the project.
- If you are a data scientist, use the training data from this project to experiment with training new model architectures. If you find a model that exceeds the performance of our current state of the art (SciBERT), send us a pull request so we can review and merge your model.
Mappings Explorer
- Create your own mappings using the Mappings Editor and following our official Mapping Methodology.
Summiting the Pyramid
- Score some analytics and submit them to the Sigma rule repository using the STP tag format.
Top ATT&CK Techniques
- Create a top 10 list following the project methodology. Publish this on your own social media or submit it as a pull request for inclusion on the website.