@center-for-threat-informed-defense

The Center for Threat-Informed Defense

An R&D organization focused on advancing the state of the art and the state of the practice in threat-informed defense.

Changing the Game on the Adversary

The Center is a non-profit, privately funded research and development organization operated by MITRE Engenuity. The Center’s mission is to advance the state of the art and the state of the practice in threat-informed defense globally.

Comprised of participant organizations from around the globe with highly sophisticated security teams, the Center builds on MITRE ATT&CK®, an important foundation for threat-informed defense used by security teams and vendors in their enterprise security operations.

THE RESULTS OF OUR RESEARCH & DEVELOPMENT PROJECTS ARE FREELY AVAILABLE TO THE PUBLIC.

Pinned

  1. mappings-explorer Public

    Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogued in the MITRE ATT&CK® knowledge base. These mappings form a…

    Jinja 28 9

  2. adversary_emulation_library Public

    An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

    C 1.6k 298

  3. attack-flow Public

    Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flow…

    TypeScript 530 85

  4. summiting-the-pyramid Public

    Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research includes a scoring model, methodology, and worked examples.

    Makefile 24 3

  5. attack-workbench-frontend Public

    An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository contains an Angular-based web application providing the user in…

    TypeScript 304 61

  6. tram Public

    TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.

    Jupyter Notebook 424 93

Repositories

Showing 10 of 29 repositories
  • mappings-explorer Public

    Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogued in the MITRE ATT&CK® knowledge base. These mappings form a bridge between the threat-informed approach to cybersecurity and the traditional security controls perspective.

    Jinja 28 Apache-2.0 9 0 0 Updated Aug 6, 2024
  • attack-workbench-frontend Public

    An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository contains an Angular-based web application providing the user interface for the ATT&CK Workbench application.

    TypeScript 304 Apache-2.0 61 42 1 Updated Aug 6, 2024
  • top-attack-techniques Public

    Top ATT&CK Techniques helps defenders approach the breadth and complexity of MITRE ATT&CK® with a prioritized top 10 list of techniques to focus on first.

    Vue 114 Apache-2.0 22 0 2 Updated Aug 1, 2024
  • attack-workbench-rest-api Public

    An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository contains the REST API service for storing, querying, and editing ATT&CK objects.

    JavaScript 39 Apache-2.0 22 38 6 Updated Jul 31, 2024
  • .github Public
    0 0 0 0 Updated Jul 25, 2024
  • threat-modeling-with-attack Public

    Threat Modeling with ATT&CK defines how to integrate MITRE ATT&CK® into your organization’s existing threat modeling methodology.

    Makefile 0 Apache-2.0 3 0 0 Updated Jul 23, 2024
  • cwe-calculator Public

    The CWE Calculator enables software development teams to score and prioritize discovered weaknesses empirically based on data in the National Vulnerability Database (NVD).

    Python 10 Apache-2.0 2 0 0 Updated Jul 16, 2024
  • attack-flow Public

    Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.

    TypeScript 530 Apache-2.0 85 9 1 Updated Jul 15, 2024
  • tram Public

    TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.

    Jupyter Notebook 424 Apache-2.0 93 44 5 Updated Jun 10, 2024
  • sensor-mappings-to-attack Public

    Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help detect real-world adversary behaviors in their environments.

    Python 44 Apache-2.0 2 1 1 Updated Jun 5, 2024