2024 is off to a strong start with 5 new project releases, several new projects in development, and a jam-packed innovation pipeline. Our annual R&D roadmap blog will catch you up on our latest releases and share what’s coming up next. Here are a few highlights: 💡 Secure AI will build upon MITRE ATLAS to advance community-wide knowledge of threats to AI systems and how to mitigate them. 💡 Technique Inference Engine will use knowledge of past attacks to help threat hunters predict what will happen next. 💡 Summiting the Pyramid will evolve to reduce false positives and support network observables. 💡 Defending OT with MITRE ATT&CK will create an overlay on ATT&CK to help teams readily identify OT-relevant TTPs. Join us and drive innovation in threat-informed defense for all. https://lnkd.in/e2SWDxxK #threatinformeddefense #AI #OT
Center for Threat-Informed Defense
Computer and Network Security
McLean, Virginia 13,277 followers
Shifting the playing field in favor of cyber defenders.
About us
The Center for Threat-Informed Defense is a privately funded research and development organization that brings together the best security teams from around the world. Its goal is to advance a shared understanding of cyber adversaries, their tradecraft, and technology. The Center builds on the foundation of MITRE ATT&CK™, an important foundation for threat-informed defense used by security teams and vendors around the world in their enterprise security operations. There is an ever-louder call to expand upon ATT&CK and ensure that it remains open, free, and keeps pace with evolving threats. The Center brings together this robust and rapidly growing community to conduct research in support of ATT&CK and accelerate innovation in threat-informed defense.
- Website: https://mitre-engenuity.org/cybersecurity/center-for-threat-informed-defense/
- Industry: Computer and Network Security
- Company size: 11-50 employees
- Headquarters: McLean, Virginia
- Founded: 2019
- Specialties: Cybersecurity, Threat-Informed Defense, Research and Development, ATT&CK, Cyber Threat Intelligence, Cyber Threat Analysis, Adversary Emulation, Red Team, Defensive Cyber Operations, Cyber Analytics, Software Development, and MITRE ATT&CK
Updates
-
Mitch R.'s talk, “ATT&CK Simulation - democratizing the red team toolkit for all defenders” was one of 17 excellent talks at our first Asia-Pacific ATT&CK Community Workshop. In addition to introducing the Splunk Attack Range, his talk captured the spirit of community collaboration to advance capability and resources for all. Summiting the Pyramid -> https://lnkd.in/eJecDDbA Adversary Emulation Library -> https://lnkd.in/eKqtgd5B Asia-Pacific ATT&CK Community Workshop slides and session recordings will be posted soon. Follow us for updates. #threatinformeddefense
I recently had the chance to present on Splunk's perspective of Attack Simulation at the Asia-Pacific ATT&CK Community Workshop in Singapore, the first of these events held outside of North America or Europe. It was an incredibly insightful two days with the team from Center for Threat Informed Defense, as well as other community participants. I'd encourage all the cyber professionals I work with to consume and contribute back to MITRE's work, so we can all continue to benefit from their research. We had the chance to get hands on with the Summiting the Pyramid project, and I've already been working with organisations in APAC who want to utilise this new technique. Thanks to Jonathan Baker, Suneel Sundar, Mike Cunningham, Amy Robertson and Karen Advincula for putting on a fantastic event, as well as all the other speakers who I learned a great deal from. I'm hopeful for an Australian ATT&CK workshop soon! #splunk #attacksimulation #mitre #ctid
-
At EU ATT&CK, we had the privilege of hearing from Hanna Holych from Ukraine’s State Cyber Protection Center. Her talk "Operationalizing Threat Intelligence to ATT&CK your Adversaries" detailed SCPC's approach to leveraging MITRE ATT&CK to detect, evaluate, and counter escalating cyber threats. Most notably, Hanna highlighted their battle against SmokeLoader malware (aka Dofoil/Sharik), a prevalent tool in Russian state-sponsored cyber attacks. Hanna discussed the significant role of Center research, like Mappings Explorer, in simplifying the identification of effective mitigating security controls for specific techniques tied to particular threats. Cyber defenders presented online alongside specialists from the European Commission, MITRE, Centre for Cybersecurity Belgium, CIRCL (Computer Incident Response Center Luxembourg) and others. Thank you for highlighting the Center’s work and your ongoing commitment to advancing global cyber defenses. Mappings Explorer -> https://lnkd.in/eTxM-d5h CISA Decider Tool -> https://lnkd.in/gq5CABZs Top 10 MITRE Techniques Calculator -> https://lnkd.in/eNS3bKmx All EU ATT&CK Workshop talks -> https://lnkd.in/gV4XkQS Thank you to the Centre for Cybersecurity Belgium, Pedro Deryckere, Freddy Dezeure and the speakers + attendees for making this another great event. #cyberdefenders #cybersecurity #threatinformeddefense
-
Join Tiffany Bergeron and Mike Cunningham tomorrow to learn about threat-informed defense, freely available resources to help you get started, our newest R&D projects, and dive deep into Sensor Mappings to ATT&CK and Summiting the Pyramid. 💎 Sensor Mappings to ATT&CK - understand which tools, capabilities, and events provide visibility into real-world adversary behaviors - https://lnkd.in/e5UiyrCn 💎 Summiting the Pyramid - create detections that are robust to changes in adversary behavior - https://lnkd.in/eJecDDbA 💎 Our R&D Roadmap blog - https://lnkd.in/e2SWDxxK #threatinformeddefense MITRE ATT&CK
🌐🔒 Don't miss out! 🔒🌐 Join us for an exclusive webinar hosted by MITRE-Engenuity’s Center for Threat-Informed Defense! 🛡️✨ Learn all about the latest innovations in cyber defense with a deep dive into open-source software, methodologies, and frameworks that advance threat-informed defense. Discover how the Center's work, building on the MITRE ATT&CK knowledge base, is revolutionizing our understanding of cyber adversaries and their tactics. 🎓 WiCyS members, this is a fantastic opportunity to earn CPE/CEU credits! To qualify for CPE/CEU credits with the following providers, ensure you meet these requirements: - **GIAC/(ISC)²**: Attend for a minimum of 45 minutes or the entire webinar. - **CompTIA**: Attend for a minimum of 60 minutes or the entire webinar (webinar topic must relate to the certificate being renewed). After meeting the requirements, log into BrightTALK to print your attendance certificate for submission. 📜✨ Don't miss out on this chance to enhance your cyber defense knowledge and earn valuable credits! Register now and stay ahead in the ever-evolving cyber landscape. 🚀🔐 🔗 Register Here: https://ow.ly/QugT50RSBe4 #CyberDefense #ThreatInformedDefense #MITRE #WiCyS #Webinar #CyberSecurity #CPECredits #CEUCredits #ProfessionalDevelopment
-
Our third and final blog in the series on the compromise of a MITRE research network includes: ✅ technical details of new behavior employed by the adversary, who aligns with Google Mandiant’s UNC5221 ✅ how the BRICKSTORM backdoor and BEEFLUSH web shell abused VMs in VMware through the VPXUSER account to establish persistence We provide detection scripts, from MITRE and CrowdStrike, to find this activity. We discuss how Secure Boot can mitigate the rogue VM behavior we observed. https://lnkd.in/eWn45mH7
Infiltrating Defenses: Abusing VMware in MITRE’s Cyber Intrusion
medium.com
-
Save the date - ATT&CKcon 5 October 22 - 23 in McLean, VA. We hope to see you there!
A very special save the date for a special occasion... You and ATT&CKcon 5.0! ATT&CKcon, the MITRE ATT&CK conference, returns October 22-23 in-person in McLean, VA as well as live online. Have an interesting story to tell about something you've done with ATT&CK (that isn't a product pitch)? Our CFP will be open very soon now. Watch this space for details. In-person tickets will be going on sale later this summer... We'll announce the on sale date here ahead of time. If you're interested in sponsoring ATT&CKcon, please reach out to attackcon@mitre.org.
-
Don't miss Tiffany Bergeron and Steve Luke at the 12th EU ATT&CK Community Workshop. Tiffany will be sharing an update on our 2024 R&D roadmap. Her talk is a great way to catch up on our latest work and learn about what's coming up next. We can't wait to see you all in Brussels! #community #ittakesavillage #threatinformeddefense
I'm thrilled to announce that I'll be speaking at the 12th EU MITRE ATT&CK® Community Workshop in Brussels on May 17th! Best of all, participation is free! Don't miss out - register now to secure your online spot. (https://lnkd.in/e-jhS7Gb)
-
The EU ATT&CK community workshop convenes ATT&CK users to share, learn, and advance threat-informed defense. Thank you to the Centre for Cybersecurity Belgium for hosting.
Reminder: The 12th EU ATT&CK® Community Workshop. 📅 Friday, May 17 · 9:30am - 5:30pm CEST 🗺️ SQUARE Brussels Meeting Centre, Mont des Arts, 1000 Bruxelles (SOLD OUT!) 👩‍💻 or online (unlimited – registration needed) More than 25 top guest speakers are lined up to immerse yourself in a dynamic mix of expert insights, cutting-edge tools, and peer-to-peer knowledge exchange supporting the ATT&CK® Framework.
-
Last week’s technical deep dive into the compromise of a MITRE research network included a detailed description of the attack. Today, we are sharing a visual representation of the attack scenario using Attack Flow. ⭐ Here is the attack flow: https://lnkd.in/gpc_-rJW ⭐ What is attack flow? https://lnkd.in/gteGHH8m ⭐ Where is the blog? https://lnkd.in/efi-eG8i