Security Stack Mappings – Hardware-Enabled Defense
The Security Stack Mappings – Hardware-Enabled Defense project demonstrates full stack threat-informed defense, from the hardware board to the …
August 19, 2021
Cyber threat detection starts with understanding the data sources and sensors that can be used to detect a given adversary TTP. Motivated by a lack of detailed data source definitions in MITRE ATT&CK® to support defensive cyber operations use cases, we wanted to greatly expand the set of data sources in ATT&CK and research creating an open data model for data sources that would enable defenders to quickly determine if they have the data necessary to detect the adversary TTPs they care about. We worked with Center participants to develop a prototype model for describing data sources, as well as identifying and documenting a set of data sources that would ultimately be contributed to the ATT&CK Data Sources project.
Existing definitions of data sources necessary to detect adversary behavior are insufficient.
Create a single, coherent and open data model for the data sources in ATT&CK and greatly expand upon those data sources.
Defenders are able to quickly determine if they have the data necessary to detect the adversary TTPs they care about.
The Security Stack Mappings – Hardware-Enabled Defense project demonstrates full stack threat-informed defense, from the hardware board to the …
Summiting the Pyramid (STP) creates a methodology to score analytics against the pyramid of pain, helping defenders create more robust detections …
A collaboration with MITRE ATLAS™ to advance security for AI–enabled systems that takes a threat-informed approach, enables rapid exchange of new …
Sign up for the Center's "Stay Informed" newsletter to get notified for new project releases and upcoming events.