Security Stack Mappings – Hardware-Enabled Defense
The Security Stack Mappings – Hardware-Enabled Defense project demonstrates full stack threat-informed defense, from the hardware board to the …
July 24, 2024
Project Summary
Threat Modeling with ATT&CK defines how to integrate MITRE ATT&CK® into your organization’s existing threat modeling methodology. This process is intended for universal application to any system or technology stack (large or small) using existing threat modeling methodologies like STRIDE, PASTA, or Attack Trees. To demonstrate its use and applicability to a wide audience of cybersecurity practitioners, we apply this process to a fictional internet-of-things (IOT) system called the Ankle Monitoring Predictor of Stroke (AMPS).
Problem
There is a lack of guidance on how to best utilize ATT&CK to improve existing threat modeling practices.
Solution
Develop a process to integrate ATT&CK into existing threat modeling methodologies that will enable companies to identify critical assets, assess threats to these assets, measure existing defensive capabilities, and recommend mitigations.
Impact
Companies will tailor their defensive investments to mitigate threats to their most critical assets.
Funding Research Participants
Explore More of Our Work:
Summiting the Pyramid
Summiting the Pyramid (STP) creates a methodology to score analytics against the pyramid of pain, helping defenders create more robust detections …
Secure AI
A collaboration with MITRE ATLAS™ to advance security for AI–enabled systems that takes a threat-informed approach, enables rapid exchange of new …
Stay Informed
Sign up for the Center's "Stay Informed" newsletter to get notified for new project releases and upcoming events.