Published Projects

Defending OT with ATT&CK

Project Summary

Defending Operational Technology (OT) with ATT&CK provides a customized collection of MITRE ATT&CK® techniques tailored to the attack surface and threat model for OT environments. Historical attacks against OT and adversarial techniques contained in ATT&CK for Enterprise, ATT&CK for ICS, and other relevant ATT&CK platforms were analyzed to identify and define a reference architecture and threat collection of techniques adversaries could use within an IT/OT hybrid architecture. The resultant resources can be used by organizations that use OT to evaluate and employ security controls for real-world adversary behaviors targeting those environments.

Problem

Organizations need to understand the techniques adversaries use against OT and the enterprise systems that manage OT.

Solution

Develop a straightforward approach to understanding and working with the techniques applicable to OT.

Impact

Organizations defend against the full set of techniques against OT.


Funding Research Participants



Non-Profit Participants


Explore More of Our Work:

Attack Flow v3

With Attack Flow, you will capture the entire attack and communicate what matters!

Continue reading

Threat-Informed Defense for the Financial Sector

Connect adversarial threat mitigations to cybersecurity program resources tailored to the financial sector, namely the Cyber Risk Institute …

Continue reading

Ambiguous Techniques

Building upon the research of Summiting the Pyramid, Ambiguous Techniques is a methodology to determine malicious intent behind seemingly benign …

Continue reading

Stay Informed

Sign up for our "Stay Informed" mailing list to receive announcements for project publications, upcoming events, and other news about the Center.