Skip to content
@center-for-threat-informed-defense

The Center for Threat-Informed Defense

An R&D organization focused on advancing the state of the art and the state of the practice in threat-informed defense.
README.md

Changing the Game on the Adversary

The Center is a non-profit, privately funded research and development organization operated by MITRE Engenuity. The Center’s mission is to advance the state of the art and the state of the practice in threat-informed defense globally.

Comprised of participant organizations from around the globe with highly sophisticated security teams, the Center builds on MITRE ATT&CK®, an important foundation for threat-informed defense used by security teams and vendors in their enterprise security operations.

THE RESULTS OF OUR RESEARCH & DEVELOPMENT PROJECTS ARE FREELY AVAILABLE TO THE PUBLIC.

Pinned Loading

  1. mappings-explorer mappings-explorer Public

    Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogued in the MITRE ATT&CK® knowledge base. These mappings form a…

    Jinja 40 10

  2. adversary_emulation_library adversary_emulation_library Public

    An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

    C 1.7k 313

  3. attack-flow attack-flow Public

    Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flow…

    TypeScript 555 86

  4. summiting-the-pyramid summiting-the-pyramid Public

    Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research includes a scoring model, methodology, and worked examples.

    Makefile 26 3

  5. attack-workbench-frontend attack-workbench-frontend Public

    An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository contains an Angular-based web application providing the user in…

    TypeScript 320 61

  6. tram tram Public

    TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.

    Jupyter Notebook 446 96

Repositories

Showing 10 of 31 repositories
  • attack-workbench-rest-api Public

    An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository contains the REST API service for storing, querying, and editing ATT&CK objects.

    center-for-threat-informed-defense/attack-workbench-rest-api’s past year of commit activity
    JavaScript 42 Apache-2.0 22 39 6 Updated Nov 6, 2024
  • attack-flow Public

    Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.

    center-for-threat-informed-defense/attack-flow’s past year of commit activity
    TypeScript 555 Apache-2.0 86 19 0 Updated Nov 5, 2024
  • attack-powered-suit Public

    ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, context menus, and ATT&CK Navigator integration.

    center-for-threat-informed-defense/attack-powered-suit’s past year of commit activity
    JavaScript 72 Apache-2.0 12 6 0 Updated Nov 4, 2024
  • attack-sync Public

    ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® version updates into their internal systems and processes.

    center-for-threat-informed-defense/attack-sync’s past year of commit activity
    Python 16 Apache-2.0 6 3 0 Updated Nov 1, 2024
  • attack-workbench-frontend Public

    An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository contains an Angular-based web application providing the user interface for the ATT&CK Workbench application.

    center-for-threat-informed-defense/attack-workbench-frontend’s past year of commit activity
    TypeScript 320 Apache-2.0 61 42 5 Updated Oct 31, 2024
  • technique-inference-engine Public

    TIE is a machine learning model for inferring associated MITRE ATT&CK techniques from previously observed techniques.

    center-for-threat-informed-defense/technique-inference-engine’s past year of commit activity
    Jupyter Notebook 23 Apache-2.0 3 0 1 Updated Oct 30, 2024
  • mappings-editor Public

    Mappings Editor is an interactive, web-based tool created by the Center for Threat-Informed Defense for creating mappings of security capabilities to MITRE ATT&CK®. This tool is available as a public beta.

    center-for-threat-informed-defense/mappings-editor’s past year of commit activity
    TypeScript 5 Apache-2.0 2 1 0 Updated Oct 29, 2024
  • workshop Public
    center-for-threat-informed-defense/workshop’s past year of commit activity
    7 6 1 0 Updated Oct 16, 2024
  • summiting-the-pyramid Public

    Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research includes a scoring model, methodology, and worked examples.

    center-for-threat-informed-defense/summiting-the-pyramid’s past year of commit activity
    Makefile 26 Apache-2.0 3 3 0 Updated Oct 16, 2024
  • threat-modeling-with-attack Public

    Threat Modeling with ATT&CK defines how to integreate MITRE ATT&CK® into your organization’s existing threat modeling methodology.

    center-for-threat-informed-defense/threat-modeling-with-attack’s past year of commit activity
    Makefile 4 Apache-2.0 3 1 0 Updated Oct 2, 2024
View all repositories

Top languages

Loading…