Our Work

Our Research Approach

Collaborative R&D in the Public Interest

Together with Participant organizations, we cultivate solutions for a safer world and advance threat-informed defense with open-source software, methodologies, and frameworks. By expanding upon the MITRE ATT&CK knowledge base, our work expands the global understanding of cyber adversaries and their tradecraft with the public release of data sets critical to better understanding adversarial behavior and their movements.

Jul 2022

Cloud Analytics

The Cloud Analytics project sought to advance the state of the practice by developing a blueprint for writing analytics for cloud platforms. To …

Continue reading

Jun 2022

Security Stack Mappings – Google Cloud Platform

This project identified and mapped security capabilities available as part of GCP to the ATT&CK techniques to which they can detect, protect, …

Continue reading

Jun 2022

ATT&CK Powered Suit

ATT&CK Powered Suit is a freely available browser extension that puts the MITRE ATT&CK® knowledge base at your fingertips. This extension …

Continue reading

May 2022

Top ATT&CK Techniques V1

Top ATT&CK Techniques provides defenders with a systematic approach to prioritizing ATT&CK techniques. Our open methodology considers …

Continue reading

Mar 2022

Attack Flow V1

Defenders typically track adversary behaviors atomically, focusing on one specific action at a time. While this is a good first step toward …

Continue reading

Feb 2022

Sightings Ecosystem V1

This project provides cybersecurity defenders and researchers with critical insight into real-world, in the wild adversary behaviors mapped to …

Continue reading

Feb 2022

Insider Threat TTP Knowledge Base V1

The Insider Threat Tactics, Techniques, and Procedures (TTP) Knowledge Base aims to advance our collective understanding of the technical …

Continue reading

Jan 2022

NIST 800-53 Controls to ATT&CK Mappings

This project created a comprehensive set of mappings between MITRE ATT&CK® and NIST Special Publication 800-53 with supporting documentation …

Continue reading

Oct 2021

Mapping ATT&CK to CVE for Impact

This research defines a methodology for using MITRE ATT&CK® to characterize the potential impacts of vulnerabilities. ATT&CK’s tactics …

Continue reading

Sep 2021

Threat Report Attack Mapper V1

TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE …

Continue reading

Sep 2021

Security Stack Mappings – Amazon Web Services

This project empowers organizations with independent data on which native AWS security controls are most useful in defending against the …

Continue reading

Aug 2021

ATT&CK Integration into VERIS V1

This project created a mapping and translation layer between VERIS and ATT&CK that allows ATT&CK to describe the adversary behaviors that …

Continue reading

Categories

Tags