Login to Center for Threat-Informed Defense

Building on the foundation of MITRE ATT&CK™ to improve cyber defense.

The Center for Threat-Informed Defense is a privately funded research and development organization focused on advancing the state-of-the-art and the-state-of-the-practice in threat-informed defense. Together with Center participants, we conduct applied research and advanced development to improve cyber defense at scale for the global community. The Center brings together the best security teams from around the world to identify and solve the most-pressing problems facing cyber defenders.

The Center builds on MITRE ATT&CK®, an important foundation for threat-informed defense used by security teams and vendors around the world in their enterprise security operations. Our research and development is informed by this deep technical understanding of cyber adversaries, their tradecraft, and technology. And, since the Center operates for the public good, we freely share the outputs of our research and development for the benefit of all.

There is a resounding call for MITRE to expand upon ATT&CK and ensure that it remains open, free, and keeps pace with evolving threats. The Center brings together this robust and rapidly growing community to conduct research in support of ATT&CK and accelerate innovation in threat-informed defense.

Our Research Approach

We do research for impact
Center projects focus on addressing practical, real-world problems faced by organizations around the world. The Center’s projects, chosen and funded by participants, will:

  • Increase the global understanding of cyber adversaries and their tradecraft by expanding upon the MITRE ATT&CK knowledge base
  • Advance threat-informed defense in cyber operations with open-source software, methodologies, and frameworks
  • Publish data sets critical to better understanding adversaries and their movements

Our goal is to change the game on adversaries by relentlessly improving our collective ability to prevent, detect, and respond to cyber attacks.

Public Interest Impact

public interest icon
Bringing together sophisticated security teams from leading organizations around the world to expand the global understanding of adversary behaviors
public interest icon
Creating focus, collaboration, and coordination to accelerate innovation in threat-informed defense, building on the MITRE ATT&CK framework
public interest icon
Creating a scalable platform for identifying and pursuing collaborative R&D in the public interest

How to Join

Because the cyber challenges we face are bigger than any single organization, sector, or country, we’re committed to bring together:

  • Global end-user and critical infrastructure companies
  • Leading technology companies
  • Cybersecurity-related non-profits including ISACs and ISAOs

For more information, contact us at CTID@mitre-engenuity.org

More about participation arrow image

Current Participants

Research Partners

Founding Member
Founding Member
Founding Member
Founding Member

Research Sponsors

Founding Member
Founding Member
Founding Member
Founding Member
Founding Member
Founding Member
Founding Member
Founding Member

Non-Profit Participants

Founding Member

Our Leadership

  • Richard J. Struse

    Director, Center for Threat-Informed Defense

    Richard Struse is the founding Director of MITRE Engenuity's Center for Threat-Informed Defense. Prior to co-founding the Center, he served as Chief Strategist for Cyber Threat Intelligence at MITRE  leading the effort to better understand adversarial tactics and techniques.  

    Richard came to MITRE from the U.S. Department of Homeland Security’s (DHS) National Cybersecurity and Communications Integration Center (NCCIC) as their Chief Advanced Technology Officer where he was responsible for technology vision, strategy and implementation. 

    He is also the creator of the STIX and TAXII automated information sharing initiatives which have been widely adopted across the public and private sectors. In recognition of this pioneering work, Secretary of Homeland Security Jeh Johnson awarded Richard with one of the department’s highest honors, the Secretary’s Award for Excellence.  Federal Computer Week recognized Richardas one of the “Federal 100” for his leadership role in the development of cyber threat intelligence technology standards. 

    In 2018, Richard was elected to serve on the board of directors of OASIS, a not-for-profit international standards and open-source organization where he also co-chairs the Cyber Threat Intelligence Technical Committee. 

  • Jonathan O. Baker

    Director of Research and Development, Center for Threat-Informed Defense

    Jon Baker is the founding Director of Research for MITRE Engenuity’s Center for Threat-Informed Defense. In addition to co-founding the Center, he is the Adversary Emulation and SOC Orchestration Department Head in The MITRE Corporation’s Cyber Operations and Effect Technology Center. His department leads the development of ATT&CK and works to advance adversary emulation as a capability to drive innovation in defensive cyber operations.  

    Jon has spent much of the past sixteen years at MITRE, working with industry and government partners to increase the affordability, efficiency, and effectiveness of cybersecurity automation and information sharing technologies. He led the MITRE team that developed STIX and TAXII, which enable automated cyber threat intelligence sharing. Jon led MITRE’s security automation team through the development of SCAP and managed the CVE team.  He was a cocreator of OVAL, a standard language for describing and checking for the presence of misconfigurations, vulnerabilities, and other endpoint artifacts.  

    Baker holds a bachelor’s degree in psychology from Tufts University and a master’s degree in computer science from Boston University.