Skip to content
@center-for-threat-informed-defense

The Center for Threat-Informed Defense

An R&D organization focused on advancing the state of the art and the state of the practice in threat-informed defense.
README.md

Changing the Game on the Adversary

The Center is a non-profit, privately funded research and development organization operated by MITRE Engenuity. The Center’s mission is to advance the state of the art and the state of the practice in threat-informed defense globally.

Comprised of participant organizations from around the globe with highly sophisticated security teams, the Center builds on MITRE ATT&CK®, an important foundation for threat-informed defense used by security teams and vendors in their enterprise security operations.

THE RESULTS OF OUR RESEARCH & DEVELOPMENT PROJECTS ARE FREELY AVAILABLE TO THE PUBLIC.

Pinned Loading

  1. mappings-explorer mappings-explorer Public

    Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogued in the MITRE ATT&CK® knowledge base. These mappings form a…

    Jinja 38 10

  2. adversary_emulation_library adversary_emulation_library Public

    An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

    C 1.7k 309

  3. attack-flow attack-flow Public

    Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flow…

    TypeScript 547 86

  4. summiting-the-pyramid summiting-the-pyramid Public

    Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research includes a scoring model, methodology, and worked examples.

    Makefile 25 3

  5. attack-workbench-frontend attack-workbench-frontend Public

    An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository contains an Angular-based web application providing the user in…

    TypeScript 314 61

  6. tram tram Public

    TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.

    Jupyter Notebook 435 93

Repositories

Showing 10 of 31 repositories
  • threat-modeling-with-attack Public

    Threat Modeling with ATT&CK defines how to integreate MITRE ATT&CK® into your organization’s existing threat modeling methodology.

    center-for-threat-informed-defense/threat-modeling-with-attack’s past year of commit activity
    Makefile 2 Apache-2.0 3 1 0 Updated Oct 2, 2024
  • technique-inference-engine Public

    TIE is a machine learning model for inferring associated MITRE ATT&CK techniques from previously observed techniques.

    center-for-threat-informed-defense/technique-inference-engine’s past year of commit activity
    Jupyter Notebook 18 Apache-2.0 2 0 1 Updated Oct 1, 2024
  • mappings-explorer Public

    Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogued in the MITRE ATT&CK® knowledge base. These mappings form a bridge between the threat-informed approach to cybersecurity and the traditional security controls perspective.

    center-for-threat-informed-defense/mappings-explorer’s past year of commit activity
    Jinja 38 Apache-2.0 10 0 1 Updated Oct 1, 2024
  • attack-workbench-frontend Public

    An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository contains an Angular-based web application providing the user interface for the ATT&CK Workbench application.

    center-for-threat-informed-defense/attack-workbench-frontend’s past year of commit activity
    TypeScript 314 Apache-2.0 61 42 1 Updated Sep 30, 2024
  • attack-sync Public

    ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® version updates into their internal systems and processes.

    center-for-threat-informed-defense/attack-sync’s past year of commit activity
    Python 15 Apache-2.0 6 3 0 Updated Sep 27, 2024
  • mappings-editor Public

    Mappings Editor is an interactive, web-based tool created by the Center for Threat-Informed Defense for creating mappings of security capabilities to MITRE ATT&CK®. This tool is available as a public beta.

    center-for-threat-informed-defense/mappings-editor’s past year of commit activity
    TypeScript 5 Apache-2.0 2 1 0 Updated Sep 24, 2024
  • attack-powered-suit Public

    ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, context menus, and ATT&CK Navigator integration.

    center-for-threat-informed-defense/attack-powered-suit’s past year of commit activity
    JavaScript 69 Apache-2.0 12 2 0 Updated Sep 18, 2024
  • attack-workbench-rest-api Public

    An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository contains the REST API service for storing, querying, and editing ATT&CK objects.

    center-for-threat-informed-defense/attack-workbench-rest-api’s past year of commit activity
    JavaScript 41 Apache-2.0 22 39 6 Updated Sep 12, 2024
  • insider-threat-ttp-kb Public

    The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders in the IT environment. It will establish an Insider Threat TTP Knowledge Base, built upon data collected on insider threat incidents and lessons learned and experience from the ATT&CK knowledge base.

    center-for-threat-informed-defense/insider-threat-ttp-kb’s past year of commit activity
    Python 135 Apache-2.0 21 0 0 Updated Sep 4, 2024
  • defending-ot-with-attack Public

    Defending OT with ATT&CK provides a customized threat collection tailored to the attack surface and threat model of operational technology environments.

    center-for-threat-informed-defense/defending-ot-with-attack’s past year of commit activity
    Makefile 11 Apache-2.0 3 1 0 Updated Aug 26, 2024
View all repositories

Top languages

Loading…