MITRE ATT&CK Defender™ (MAD)


MITRE ATT&CK Defender™ (MAD) is coming soon! MAD is an annual subscription to unlimited ATT&CK certifications and bite-sized online training for cybersecurity practitioners. MAD content is produced by MITRE’s own ATT&CK subject matter experts to forge a new breed of advantaged defenders better prepared than ever to stop agile adversaries. A learner is continuously tested through experiential examinations requiring the demonstration of real-world skills blended with just-in-time recertification to affirm current ATT&CK proficiency. MAD’s new releases are in sync with updates to the framework, and unique to the industry, provide access to the online training free to the public.

Practitioners will soon have the option to subscribe to the MITRE ATT&CK Defender training and certification ecosystem. Subscribers can earn badges and get MAD certified across disciplines.

With a subscription to MAD, subscribers will validate their mastery of ATT&CK concepts.  With MAD badges and certifications, team leaders can be confident that a certified practitioner can employ the latest threat-informed defense TTPs.

Sign Up for MAD Notifications

Be the first to know when MAD training and certifications are available.

Preview What You Can Get MAD Skills in:

ATT&CK Fundamentals

3 Modules with 17 bite-sized education videos

Potential to earn the ATT&CK Fundamentals Badge

For practitioners involved or interested in threat modeling and applying this knowledge to improve the adversarial defense. This course is the first and fundamental piece of the MITRE ATT&CK Defender™ (MAD) training and certification series. Training modules are approximately 10 minutes each. The MAD Badge endorses that the learner has a threat-informed mindset and can focus efforts towards understanding and improving how defenses fare against real world adversaries.

ATT&CK for Cyber Threat Intelligence (CTI)

5 Modules with 20 bite-sized education videos and 8 exercises

Potential to earn 2 Badges & the MITRE ATT&CK Defender ™ CTI Certificate

For CTI practitioners interested in applying ATT&CK® to improve existing threat intelligence practices. This course explains why and how ATT&CK is useful for CTI. The training and experiential examinations will validate a learner’s ability to map to ATT&CK from both finished reporting and raw data, perform CTI analysis using ATT&CK-mapped data, make defensive recommendations based on research, and more. Each training module is approximately 10 minutes in length.

ATT&CK for Security Operations Center (SOC) Assessments

3 Modules with 11 bite-sized education videos and 9 exercises

Potential to earn 2 Badges & the MAD ™ SOC Assessments Certificate

For practitioners interested in using ATT&CK® to perform rapid, low overhead SOC Assessments that are broad enough to help the SOC get on their feet with ATT&CK. Specific topics include analyzing SOC tools and resources, how to interview and discuss ATT&CK with personnel, and how to recommend improvements based on assessment results. Each training module is approximately 10 minutes in length, and the MAD Certification confirms the learner’s understanding of how modern security operations align with ATT&CK for a threat-informed defense.

Sign Up for MAD Notifications