To support the cybersecurity community with implementation of threat-informed defense, MITRE EngenuityTM announced that its Center for Threat-Informed Defense (Center) is releasing two new resources, Mappings Explorer and M3TID.
"Through our collaborative R&D program, we're working with our member's cybersecurity teams from around the world to advance the state of the art and the state of the practice in threat-informed defense," said Jon Baker, director, Center for Threat-Informed Defense. "We aim to improve cyber defense globally by fundamentally shifting the economics of cyber-attacks in favor of the defenders and changing the game on the adversary."
Understanding the relationship between security capabilities and adversary behaviors is foundational to threat-informed defense. Mappings Explorer enables cyber defenders to understand how security controls and capabilities protect against the adversary behaviors catalogued in the MITRE ATT&CK® knowledge base. This new resource consolidates the Center's collection of open, independently developed mappings between security capabilities and ATT&CK into a central hub that is searchable and customizable. Cyber defenders now have easy access to explore mapped security capabilities? making their defenses more efficient and effective against the threats that matter most to them.
M3TID? short for measure, maximize, and mature threat-informed defense? helps security operations centers (SOC) determine how well they are optimally leveraging threat information. By leveraging M3TID to understand their current maturity level and identify areas for improvement, organizations can make targeted investments and strategic decisions to strengthen their defenses, whether it be in cyber threat intelligence, defensive measures, or testing and evaluation. This resource, combined with the MITRE Engenuity ATT&CK Evaluations of vendors and managed service providers against specific adversaries, offers more objective data on which cybersecurity products and services may best fit their individual needs.
Beyond these two new tools, the Center also expanded three of its resources:
Created with open-source software, methodologies, and frameworks with input from 38 Center members, these new resources along with the Center's other R&D projects are freely available to cyber defenders through the center's website.
Cyber defenders also can learn about the new resources at three upcoming events:
In-person registration for the events in Singapore and Brussels is sold out, but virtual registration is still available.
About The Center for Threat-Informed Defense
The center is a non-profit, privately funded research and development organization operated by MITRE Engenuity. The center's mission is to advance the state of the art and the state of the practice in threat-informed defense globally. Comprised of participant organizations from around the globe with highly sophisticated security teams, the center builds on MITRE ATT&CK®, an important foundation for threat-informed defense used by security teams and vendors in their enterprise security operations. Because the center operates for the public good, outputs of its research and development are available publicly and for the benefit of all. For more information, contact [email protected].
ABOUT MITRE ENGENUITY
MITRE Engenuity, a subsidiary of MITRE, is a tech foundation for public good. MITRE's mission-driven teams are dedicated to solving problems for a safer world. Through our public-private partnerships and federally funded R&D centers, we work across government and in partnership with industry to tackle challenges to the safety, stability, and well-being of our nation.
MITRE Engenuity brings MITRE's deep technical know-how and systems thinking to the private sector to solve complex challenges that government alone cannot solve. MITRE Engenuity catalyzes the collective R&D strength of the broader U.S. federal government, academia, and private sector to tackle national and global challenges, such as protecting critical infrastructure, creating a resilient semiconductor ecosystem, building a genomics center for public good, accelerating use case innovation in 5G, and democratizing threat-informed cyber defense. www.mitre-engenuity.org