INFORM Assessment Tool
Threat-informed defense enables the collective resources of all defenders to be greater than those of any one adversary. It identifies known adversary behavior, relevant to an organization’s threat model, and fosters a community-driven approach to enable an organization to proactively defend, self-assess, and improve defenses against those known threats. As a threat-informed defense program matures, long-term understanding of adversaries and their evolution is required for defenders to identify how the adversary may evolve next.
All organizations, irrespective of size, revenue, or industry, can leverage threat-informed approaches in their security programs. The goal of the INFORM assessment is to provide a tool that any organization can use to assess their level of threat-informed maturity. The results of the assessment can be used to identify gaps, highlight discrete steps for improvement, and track improvements over time.
Complete a Self Assessment
Conduct a self assessment by checking the box for any of the components if you have the people, processes, and technology in place, and are actively acting on those respective components. Include components that are provided by 3rd parties, such as an MSSP. Once the self assessment is complete, results can be viewed in both text and graph forms.