Newly Released 2022 Center for Threat-Informed Defense Impact Report Shows Expanded Reach of MITRE ATT&CK
McLean, Va. & Bedford, Mass., February 23, 2023 — MITRE Engenuity™ announced its Center for Threat-Informed Defense 2022 Impact Report. Showcasing the research and development projects released in 2022, the report highlights how the center continues to deepen the global understanding of cyber adversarial behavior, advance the field of threat-informed defense, and extend the reach of MITRE ATT&CK® frameworks, with the underlying objective of accelerating resiliency for our democracy.
The center deliberately selected each of the nine R&D projects to solve a specific pain point being experienced across and beyond the 28 center members. Areas of particular emphasis include mitigating insider threats, integrating real-world data into decision cycles, enhancing productivity of cyber threat intel analysts, and optimizing cloud security controls.
“Through our collaborative R&D program, we’re working with cybersecurity teams from around the world to advance the state of the art and the state of the practice in threat-informed defense,” said Jon Baker, Director, Center for Threat-Informed Defense. “Our challenge is to improve cyber defense globally by fundamentally shifting the economics of cyber-attacks in favor of the defenders and changing the game on the adversary.”
Some of the most-utilized resources released last year include:
- The Sightings Ecosystem project enables cyber defenders to make better threat-informed decisions by injecting real-world data and insights into the decision cycle.
- Micro Emulation Plans affords even the more under-resourced teams the opportunity to quickly perform threat emulations, rapidly iterate on results, and optimize their defensive posture.
- Security Stack Mappings for Google Cloud PlatformAWS, and Azure that help defenders around the world protect their cloud resources from cyber threats.
Created with open-source software, methodologies, and frameworks, the nine new resources now bring the center’s total to 22 R&D projects that are freely available to cyber defenders through the center’s website.
About The Center for Threat-Informed Defense
The center is a non-profit, privately funded research and development organization operated by MITRE Engenuity. The center’s mission is to advance the state of the art and the state of the practice in threat-informed defense globally. Comprised of participant organizations from around the globe with highly sophisticated security teams, the center builds on MITRE ATT&CK, an important foundation for threat-informed defense used by security teams and vendors in their enterprise security operations. Because the center operates for the public good, outputs of its research and development are available publicly and for the benefit of all. For more information, contact ctid@mitre-engenuity.org.
About MITRE Engenuity
MITRE Engenuity, a subsidiary of MITRE, is a tech foundation for the public good. MITRE’s mission-driven teams are dedicated to solving problems for a safer world. Through our public-private partnerships and federally funded R&D centers, we work across government and in partnership with industry to tackle challenges to the safety, stability, and well-being of our nation.
MITRE Engenuity brings MITRE’s deep technical know-how and systems thinking to the private sector to solve complex challenges that government alone cannot solve. MITRE Engenuity catalyzes the collective R&D strength of the broader U.S. federal government, academia, and private sector to tackle national and global challenges, such as protecting critical infrastructure, creating a resilient semiconductor ecosystem, building a genomics center for public good, accelerating use case innovation in 5G, and democratizing threat-informed cyber defense. www.mitre-engenuity.org
Media Contact: Lisa Fasold or Sarah Lytle, media@mitre.org
© 2023 MITRE ENGENUITY. APPROVED FOR PUBLIC RELEASE. DOCUMENT NUMBER ME0062.