logo
        • Who We Are

        • Learn more about MITRE Engenuity’s journey as a hub for transformative innovation.

        • How We Engage

        • We forge innovative partnerships to generate whole-of-nation solutions to complex technological problems.

        • Contact Us

        • Connect with a member of the MITRE Engenuity team and ensure your inquiry gets to the right people.

        • Cybersecurity

        • We are relentlessly advancing the art of threat-informed defense, anchored by a belief that we can improve our defenses with a systemic application of a deep understanding of adversary tradecraft and technology.

        • ATT&CK Evaluations

        • We offer objective analysis of cyber products and features – see our latest results.

        • Center for Threat-Informed Defense

        • Read more about the cutting-edge research and development being done with input from our participant organizations, featuring some of the top security operations centers.

        • Developing tomorrow's cyber workforce today.
        • News & Insights

        • We are leading the leading edge of innovation. Explore the latest news, insights, R&D, and special projects from our advanced tech experts and partners.

        • Subscribe to Our Newsletters

        • Our tech foundation is addressing the complex problems that face our nation today. Find out how you can join our efforts as we spur innovation for public good.

          Subscribe

Center for Threat-Informed Defense Releases Impact Report, Illustrating its Collaborative R&D Approach in Cybersecurity

  • January 25, 2022

The report highlights 13 R&D projects readily available to the cybersecurity community and recognizes center participants’ impact in advancing a threat-informed defense approach to security

McLean, Va., [January 25, 2022] — The Center for Threat-Informed Defense (Center), a privately funded collaborative research and development organization operated by MITRE Engenuity, announced today the release of their inaugural Impact Report. The report, which highlights the 13 major research and development (R&D) projects released over the course of the past year, illustrates the power of the center’s unique approach to collaborative R&D in the public interest. Each project leverages a shared understanding of adversary tradecraft to advance the cybersecurity community’s ability to get ahead of agile adversaries.   Since its launch in November 2019, the center has grown from 13 founding members to 30 members representing a variety of industry sectors from around the world, including 10 of the “Fortune 100”.   “During the first two years of operation, the center and our members have been hard at work identifying real-world problems and gaps in the cybersecurity ecosystem and filling them with freely available resources,” said Jon Baker, director of research and development, Center for Threat-Informed Defense. “The R&D projects described in this report are a testament not only to the success of the center but also to the commitment of our members to work in the public interest – to help make everyone more secure.”   The R&D projects highlighted in the report range from cyber threat intelligence to testing and evaluation to defensive measures, including:

  • NIST-800-53 mappings to MITRE ATT&CK®: A comprehensive set of mappings of the popular security control framework to adversary behaviors defined in the ATT&CK knowledgebase of adversary tactics techniques and procedures.
  • ATT&CK Workbench: An easy-to-use open-source tool that allows organizations to manage and extend their own local version of ATT&CK and keep it in sync with MITRE’s knowledge base.
  • Adversary Emulation Library: A growing set of adversary emulation plans designed to make it easier for red teams to “look like” common cyber actors.

All the work is freely available through the center’s website, and represents some of the most important work the center is doing in collaboration with its members. Other R&D initiatives released by the center over the past two years includes an open-source research platform for automating the mapping of threat reports to ATT&CK and a series of mappings between the most prevalent cloud service provider security offerings and ATT&CK.   “The center brings together some of the best security teams from around the world with the cybersecurity experts from MITRE – the people who created CVE® and the ATT&CK framework,” Baker continued. “The practical resources that we’re releasing are designed to give defenders resources that they can use today to make it more difficult for the adversary to achieve their objectives. The 13 projects we’re highlighting in this report are just the beginning as we will be releasing many new projects throughout 2022.” As the center looks ahead to 2022, two of the projects slated for release include “Attack Flow,” the first in a series of projects designed to give defenders better ways to reason about sequences of adversary techniques. Also being released is a “Sightings Ecosystem”, which has analyzed voluntarily contributed intelligence on what tactics, techniques and procedures adversaries are using in the wild to help defenders understand how adversaries operate. To learn more about each of the projects developed by the Center for Threat-Informed Defense, as well as to download a copy of the full report, please visit https://ctid.mitre-engenuity.org/impact-report.   

About The Center for Threat-Informed Defense 

The center is a non-profit, privately funded research and development organization operated by MITRE Engenuity. The center’s mission is to advance the state of the art and the state of the practice in threat-informed defense globally. Comprised of participant organizations from around the globe with highly sophisticated security teams, the center builds on MITRE ATT&CK, an important foundation for threat-informed defense used by security teams and vendors in their enterprise security operations. Because the center operates for the public good, outputs of its research and development are available publicly and for the benefit of all.   

About MITRE Engenuity 

MITRE Engenuity, a subsidiary of MITRE, is a tech foundation for the public good. MITRE’s mission-driven teams are dedicated to solving problems for a safer world. Through our public-private partnerships and federally funded R&D centers, we work across government and in partnership with industry to tackle challenges to the safety, stability, and well-being of our nation.   MITRE Engenuity brings MITRE’s deep technical know-how and systems thinking to the private sector to solve complex challenges that government alone cannot solve. MITRE Engenuity catalyzes the collective R&D strength of the broader U.S. federal government, academia, and private sector to tackle national and global challenges, such as protecting critical infrastructure, creating a resilient semiconductor ecosystem, building a genomics center for public good, accelerating use case innovation in 5G, and democratizing threat-informed cyber defense. www.mitre-engenuity.org

Explore News & Insights

Related Posts

see more news and insights