Adversary emulation plans are an excellent way to validate defenses against known adversarial behaviors, but they can be cost prohibitive and very complex to execute. We wanted to lower the barrier to entry by creating smaller scale adversary emulation plans that are easy to automate and focus on …
In this second episode in the Center for Threat-Informed Defense’s ‘Leadership Spotlight’ video series, Derek Manky, Chief Security Strategist & VP Global Threat Intelligence at Fortinet’s FortiGuard Labs, discusses the Center’s Attack Flow project.
In this first episode of the Center for Threat-Informed Defense’s “Leadership Spotlight” video series, Joel Spurlock, Senior Director of Malware Research at CrowdStrike, discusses the Center’s Top ATT&CK Techniques project.
In this video we showcase ATT&CK Powered Suit, a freely available Chrome Extension that puts the MITRE ATT&CK® knowledge base at your fingertips. This extension enables quick searches for tactics, techniques and more without disrupting your workflow.
The Center for Threat-Informed Defense’s ATT&CK Integration into VERIS project aims to help practitioners connect VERIS with MITRE ATT&CK and obtain more context about the threats they face. Verizon participated in this project and Alex Pinto, Senior Manager of their Data Breach …
As a vital piece of advancing threat-informed defense is ensuring that we have the most accurate and up-to-date understanding of adversary behavior, the Center for Threat-Informed Defense launched the Sightings Ecosystem project, which collects and analyzes reports of MITRE ATT&CK® techniques …
Facing ever-evolving cybersecurity threats, organizations of all sizes need to be better able to assess potential threats and assess their security posture. This is where an effective threat-informed defense can play an important role.
In this Center Conversation, Carl Wright, Chief Commercial …
As cyber adversaries become more sophisticated and creative, organizations of all sizes need to be able to assess their defenses against potential threats. This is where adversary emulation plans, like the Center for Threat-Informed Defense’s recent menuPass and FIN6 research projects, can have a …
In this video we showcase the CALDERA™ Pathfinder, an open-source CALDERA plugin developed through the Center for Threat-Informed Defense’s research program in collaboration with Siemens AG. Pathfinder aims to transport vulnerability scanning into the next generation by integrating vulnerability …
Take a tour of the MITRE Center for Threat-Informed Defense’s FIN6 Adversary Emulation Plan, the first entry in the Center’s public library of adversary emulation plans. The plan includes the FIN6 Intelligence Summary, a curated collection of available cyber threat intelligence, comprised of an …
