Threat-Informed Defense Programs
Accelerating the cybersecurity community’s ability to get ahead of adversaries
By leveraging industry and MITRE expertise, we advance the state of the art and the state of the practice in threat-informed defense. Our programs develop practical MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK)®-based resources, technologies, and processes, empowering cyber defenders to improve their operations.
A Proactive Approach to Security
Threat-informed defense is the systematic application of a deep understanding of adversary tradecraft and technology to improve defenses. By combining what we already understand with the adversary’s perspective, we can build prepared and resilient security operations.
Informed Security Investments
Direction based on real-world adversary behavior provides optimal guidance on proceeding with your security strategy.
Defenders that put themselves in the adversary’s mind have a systematic understanding of the tactics, techniques and procedures (TTPs) that the adversary is deploying and ultimately a better understanding of how adversaries act.
The adversary is global, agile, and evasive. The fastest way to outpace the adversary is by sharing knowledge.
Threat-Informed Defense Categories
Adversary Prevention and Detection
Alignment with the ATT&CK knowledge base. This focus is on adversary TTP prevention, detection, and remediation.
Proactively engaging the adversary outside the boundaries of an environment with approaches like deception or denial, honey pots, sandboxes, or other techniques.
The three pillars of our threat-informed defense program include the renowned Center for Threat-Informed Defense, the trusted ATT&CK Evaluations program, and the innovative MITRE ATT&CK Defender™ training and certification program. In support of MITRE’s mission to solve problems for a safer world, each program provides the community with freely available resources.