Cyber:
Threat-Informed Defense
threat-informed defense programs
Accelerating the cybersecurity community’s ability to get ahead of adversaries
By leveraging industry and MITRE expertise, we advance the state of the art and the state of the practice in threat-informed defense. Our programs develop practical MITRE ATT&CK® based resources, technologies, and processes, empowering cyber defenders to improve their operations.
A Proactive Approach to Security
Threat-informed defense is the systematic application of a deep understanding of adversary tradecraft and technology to improve defenses. By taking the information we understand and adding the adversary’s perspective into account, we can build prepared and resilient security operations.
Informed Security Investments
Direction based on real-world adversary behavior provides optimal guidance on proceeding with your security strategy.
Architecture Perspective
Defenders that put themselves in the adversary’s mind have a systematic understanding of the tactics, techniques and procedures (TTPs) that the adversary is deploying and ultimately a better understanding of how adversaries act.
Committed Community
The adversary is global, agile, and evasive. The fastest way to outpace the adversary is by sharing knowledge.
Applications of
Threat-Informed Defense
Threat-informed defense rests on a foundation of solid enterprise cybersecurity. It is a strategy and approach that an organization implements in addition to getting a handle on their basic cyber hygiene.
Threat-informed defense is…
- A lens, through which, you can understand your security posture
- A way to think about your security architecture and operations
- A way to prioritize your security strategy and investments
- A way of assessing the effectiveness of your security investments
Threat-Informed Defense
Programs
The three pillars of our threat-informed defense program include the renowned Center for Threat-Informed Defense, the trusted ATT&CK Evaluations program, and the innovative MITRE ATT&CK Defender™ training and certification program. In support of MITRE’s mission to solve problems for a safer world, each program provides the community with freely available resources.
Center for Threat-Informed Defense
The Center for Threat-Informed Defense is a collaborative research and development organization with a mission to advance the state of the art and the state of the practice of threat-informed defense.
Community Resources
Results of the Center’s R&D projects are freely available to the public.
ATT&CK® Evaluations
Open and fair evaluations based on ATT&CK enable users to better understand and defend against real-world threats – leading to a safer world for all.
Community Resources
Evaluation results are available to the public so other organizations may provide their own analysis and interpretation.
MITRE ATT&CK Defender (MAD)™
MITRE ATT&CK Defender (MAD) is a training and credentialing program that enables strengthening of the threat-informed defense approach to cybersecurity. MITRE Engenuity launched MAD in 2020. As part of its strategic partnership with industry, MITRE Engenuity teamed with a company called MAD20 Technologies (MAD20)™ to transfer management and scaling of MAD. MAD20 is a completely independent company that will have full responsibility over MAD. This transfer sometimes is referred to as a “spinout” of a MITRE Engenuity capability. MAD20 will continue to build upon our successes and operate the program as their primary business. Learn more and access the on-demand training solution at MAD20.