Center for Threat-Informed Defense

The cybersecurity challenges that we face transcend any single organization, sector, or nation. We work closely across government and see our adversaries carrying out cyber-attacks at every level of our society. We have seen state sanctioned attacks on our health care systems, financial systems and energy infrastructure. Defending against adversaries requires uniting industry across sectors to advance our abilities in threat-informed defense. The Center for Threat-Informed Defense (CTID) brings together leading security teams from around the world and organizations committed to funding public interest R&D that accelerates publicly available resources critical to cyber defenses.

ATT&CK Evaluations

Since MITRE introduced ATT&CK® in May 2015, the practitioner community has come to rely on it to enable better communications and management around cybersecurity. Our ATT&CK Evaluations provide vendors with an assessment of their ability to defend against specific adversary tactics and techniques. We emulate known adversary behavior to ensure the evaluation is threat-informed, and carefully select adversaries that allow us to exercise common ATT&CK techniques, as well as push the market to more effectively secure the world’s networks. We openly publish the results to provide industry end-users of these cybersecurity products with the information they need to make good decisions about what is best for their organizations.

MITRE ATT&CK Defender™ (MAD)

The MITRE ATT&CK framework has helped practitioners across the security community adopt a threat-informed mindset and better align what they’re doing to understand and defend against real-world adversaries. For many practitioners, it’s not always clear how to adopt the framework into existing workflows – sure, the concepts make sense, but how can an organization actually implement  ATT&CK?  The MITRE ATT&CK Defender educates learners on the fundamentals of understanding and using ATT&CK within specific tasks like  building cyber threat intelligence and performing SOC assessments. All courses are available free to ensure all defenders can gain an advantage over agile adversaries.