• Who We Are
        • Learn more about MITRE Engenuity’s journey as a hub for transformative innovation.

        • How We Engage
        • We forge innovative partnerships to generate whole-of-nation solutions to complex technological problems.

        • Contact Us
        • Connect with a member of the MITRE Engenuity team and ensure your inquiry gets to the right people.

        • Cybersecurity
        • We are relentlessly advancing the art of threat-informed defense, anchored by a belief that we can improve our defenses with a systemic application of a deep understanding of adversary tradecraft and technology.

        • ATT&CK Evaluations
        • We offer objective analysis of cyber products and features – see our latest results.

        • Center for Threat-Informed Defense
        • Read more about the cutting-edge research and development being done with input from our participant organizations, featuring some of the top security operations centers.

        • Developing tomorrow's cyber workforce today.
        • News & Insights
        • We are leading the leading edge of innovation. Explore the latest news, insights, R&D, and special projects from our advanced tech experts and partners.

        • Subscribe to Our Newsletters
        • Our tech foundation is addressing the complex problems that face our nation today. Find out how you can join our efforts as we spur innovation for public good.


Threat-Informed Defense

threat-informed defense programs

Accelerating the cybersecurity community’s ability to get ahead of adversaries

By leveraging industry and MITRE expertise, we advance the state of the art and the state of the practice in threat-informed defense. Our programs develop practical MITRE ATT&CK® based resources, technologies, and processes, empowering cyber defenders to improve their operations.

cybersecurity team

A Proactive Approach to Security

Threat-informed defense is the systematic application of a deep understanding of adversary tradecraft and technology to improve defenses. By taking the information we understand and adding the adversary’s perspective into account, we can build prepared and resilient security operations.

Informed Security Investments

Direction based on real-world adversary behavior provides optimal guidance on proceeding with your security strategy.

Architecture Perspective

Defenders that put themselves in the adversary’s mind have a systematic understanding of the tactics, techniques and procedures (TTPs) that the adversary is deploying and ultimately a better understanding of how adversaries act.

Committed Community

The adversary is global, agile, and evasive. The fastest way to outpace the adversary is by sharing knowledge.

threat-informed defense

Applications of
Threat-Informed Defense

Threat-informed defense rests on a foundation of solid enterprise cybersecurity. It is a strategy and approach that an organization implements in addition to getting a handle on their basic cyber hygiene.


Threat-informed defense is…

  • A lens, through which, you can understand your security posture
  • A way to think about your security architecture and operations
  • A way to prioritize your security strategy and investments
  • A way of assessing the effectiveness of your security investments

Threat-Informed Defense

The three pillars of our threat-informed defense program include the renowned Center for Threat-Informed Defense, the trusted ATT&CK Evaluations program, and the innovative MITRE ATT&CK Defender™ training and certification program. In support of MITRE’s mission to solve problems for a safer world, each program provides the community with freely available resources.

Cyber Trifecta

Center for Threat-Informed Defense

The Center for Threat-Informed Defense is a collaborative research and development organization with a mission to advance the state of the art and the state of the practice of threat-informed defense.

Get Involved With The Center

Community Resources

Results of the Center’s R&D projects are freely available to the public.

View Our Work

ATT&CK® Evaluations

Open and fair evaluations based on ATT&CK enable users to better understand and defend against real-world threats – leading to a safer world for all.

View Our ATT&CK Methodology

Community Resources

Evaluation results are available to the public so other organizations may provide their own analysis and interpretation.

View ATT&CK Results


MITRE ATT&CK Defender (MAD) is a training and credentialing program that enables strengthening of the threat-informed defense approach to cybersecurity. MITRE Engenuity launched MAD in 2020.  As part of its strategic partnership with industry, MITRE Engenuity teamed with a company called MAD20 Technologies (MAD20) to transfer management and scaling of MAD.  MAD20 is a completely independent company that will have full responsibility over MAD. This transfer sometimes is referred to as a “spinout” of a MITRE Engenuity capability. MAD20 will continue to build upon our successes and operate the program as their primary business. Learn more and access the on-demand training solution at MAD20.

View MAD20 Upskill Opportunities

Community Resources

MAD20 logo

Login to MAD20