Defenders typically track adversary behaviors atomically, focusing on one specific action at a time. While this is a good first step toward adopting a threat-informed defense, adversaries usually use multiple actions in sequence—we call these sequences attack flows. Toward the goal of visualizing, …
ATT&CK Workbench is an easy-to-use open-source tool that allows organizations to manage and extend their own local version of ATT&CK and keep it in sync with MITRE’s knowledge base.
Workbench allows users to explore, create, annotate, and share extensions of the ATT&CK knowledge base. …
This open-source CALDERA plugin helps you understand what a vulnerability exposes to an adversary and what potential destructive paths an adversary could take within the network as a result of those vulnerabilities. Pathfinder aims to push the boundaries on vulnerability scanning, moving them to the …
In this video we showcase the CALDERA™ Pathfinder, an open-source CALDERA plugin developed through the Center for Threat-Informed Defense’s research program in collaboration with Siemens AG. Pathfinder aims to transport vulnerability scanning into the next generation by integrating vulnerability …
