📣 𝗧𝗛𝗥𝗘𝗔𝗧-𝗜𝗡𝗙𝗢𝗥𝗠𝗘𝗗 𝗗𝗘𝗙𝗘𝗡𝗦𝗘 𝗜𝗦 𝗘𝗔𝗦𝗬 𝗔𝗦 𝟭, 𝟮, 𝟯 📣 Attending the RH-ISAC Cyber Intelligence Summit? Drop in for Mike Cunningham’s talk on Threat-Informed Defense and leave with 3 key takeaways: 1️⃣ what is Threat-Informed Defense, 2️⃣ how to measure your Threat-Informed Defense, and 3️⃣ how to improve your Threat-Informed Defense. Mike will leave you with a new capability to assess your organization’s Threat-Informed Defense maturity and guidance to improve your program. 𝗜𝗻𝘁𝗲𝗿𝗲𝘀𝘁𝗲𝗱 𝗶𝗻 𝗹𝗲𝗮𝗿𝗻𝗶𝗻𝗴 𝗺𝗼𝗿𝗲 𝗮𝗯𝗼𝘂𝘁 𝗼𝘂𝗿 𝗥&𝗗 𝗽𝗿𝗼𝗴𝗿𝗮𝗺? Connect with Mike for the latest on our R&D program roadmap. https://lnkd.in/e6HD8bJc #ThreatInformedDefense
Center for Threat-Informed Defense
Computer and Network Security
McLean, Virginia 18,266 followers
About us
The Center for Threat-Informed Defense is a privately funded research and development organization that brings together the best security teams from around the world. Its goal is to advance a shared understanding of cyber adversaries, their tradecraft, and technology. The Center builds on the foundation of MITRE ATT&CK(R), an important foundation for threat-informed defense used by security teams and vendors around the world in their enterprise security operations. There is an ever-louder call to expand upon ATT&CK and ensure that it remains open, free, and keeps pace with evolving threats. The Center brings together this robust and rapidly growing community to conduct research in support of ATT&CK and accelerate innovation in threat-informed defense.
- Website
- https://ctid.mitre.org
- Industry
- Computer and Network Security
- Company size
- 11-50 employees
- Headquarters
- McLean, Virginia
- Specialties
- Cybersecurity, Threat-Informed Defense, Research and Development, ATT&CK, Cyber Threat Intelligence, Cyber Threat Analysis, Adversary Emulation, Red Team, Defensive Cyber Operations, Cyber Analytics, MITRE ATT&CK, Secure AI, MITRE ATLAS, and Insider Threat
Updates
What's Attack Flow? A data model with all the tools, examples, and docs you need to represent and share sequences of adversary behaviors. https://lnkd.in/g6RR2FNH Register for our new Attack Flow training below.
🚨 EU ATT&CK Community Workshop and Training 🚨 The 2025 EU ATT&CK Community Workshop will be hosted in Brussels by EUROCONTROL, in collaboration with the Centre for Cybersecurity Belgium and the Center for Threat-Informed Defense. 𝗠𝗮𝘆 𝟭𝟰 - 𝗧𝗵𝗿𝗲𝗮𝘁-𝗜𝗻𝗳𝗼𝗿𝗺𝗲𝗱 𝗗𝗲𝗳𝗲𝗻𝘀𝗲 𝗧𝗿𝗮𝗶𝗻𝗶𝗻𝗴 – 𝗔𝘁𝘁𝗮𝗰𝗸 𝗙𝗹𝗼𝘄 Hands-on training introduces the fundamental concepts of Attack Flow and demonstrates how to apply it with real-world examples. Students will be able to apply these tools and concepts to improve cyber defense, incident response, threat hunting, and red teaming. 𝗠𝗮𝘆 𝟭𝟱 – 𝗖𝗼𝗺𝗺𝘂𝗻𝗶𝘁𝘆 𝗪𝗼𝗿𝗸𝘀𝗵𝗼𝗽 – 𝗯𝘆 𝗽𝗿𝗮𝗰𝘁𝗶𝘁𝗶𝗼𝗻𝗲𝗿𝘀, 𝗳𝗼𝗿 𝗽𝗿𝗮𝗰𝘁𝗶𝘁𝗶𝗼𝗻𝗲𝗿𝘀 ⭐ Learn best practices from your peers in the user community ⭐ Updates from the Center for Threat-Informed Defense ⭐ Updates from MITRE ATT&CK ⭐ Advance Threat-Informed Defense and the ATT&CK community. Learn more and register here 👉 https://lnkd.in/ezTChVFZ Freddy Dezeure, MITRE ATT&CK, MITRE ATLAS #ThreatInformedDefense #Community
🎥 Session recordings are now available for the 2025 Asia-Pacific ATT&CK Community Workshop. 🎥 https://lnkd.in/e2Qn8YTH Thank you to our speakers, sponsors, and host for creating an amazing event! #ThreatInformedDefense
🎥 How to Create a Threat Modeling Process and Use ATT&CK 🎥 Watch -> https://lnkd.in/ea6sNE-N 😷 Adam Shostack and Kyle Wallace partnered to discuss their experience in threat modeling with MITRE ATT&CK at an RSAC Virtual Session. Check it out and learn how to integrate ATT&CK into your threat modeling practice. Learn more about threat-modeling with ATT&CK: https://lnkd.in/eCCxCWXh #ThreatInformedDefense #ThreatModeling #CyberThreatIntel #CTI #RSAC
MITRE launched the ATT&CK Evaluations program with three core goals: 1️⃣ accelerate industry capability development 2️⃣ support buyers with independent technical evaluations of industry capability 3️⃣ help users defend against real-world threats We do this based on observed adversary behaviors and hands-on technical evaluations. We work in collaboration with our industry participants to understand and evaluate their capabilities. We learn and advance capability together. The call for participation is now open for our next round of evaluations. Sign Up!
We’re thrilled to announce the seventh round of MITRE ATT&CK® Evaluations for Enterprise, featuring an expanded scope and enhanced format! This year, we’re incorporating a hybrid environment, where security solutions will be evaluated against both cloud-based and traditional on-prem attack scenarios. What’s New for 2025? ➡️ Cloud infrastructure added to test detection & protection in cloud-based attacks ➡️ Protections format will highlight how solutions block attacks at critical stages ➡️ Emulations include Reconnaissance, a key adversary tactic for gathering intel Enterprise 2025 will emulate high-risk threats to organizations worldwide, from social engineering, identity-based attacks, and Cloud targeting, to evasive operations powered by living off the land techniques and custom malware. These threats will be represented by two distinct adversaries, each with separate scenarios: ▪️ a sophisticated, financially motivated cybercriminal collective ▪️ a state-sponsored espionage group from the People’s Republic of China (PRC) Key Dates: 📆 June 20, 2025 – CFP Closes 📆 August 2025 – Evaluations Begin 📆 December 2025 – Results Published Learn more: ATT&CK® Evaluations: https://lnkd.in/e65hPnTm Participate: contact evals@mitre.org or schedule a discussion. Comment below who you’d like to see in this evaluation!
Center for Threat-Informed Defense reposted this
If you are a consumer of CVE Records, or a defender, the CVE Program would like to hear from you! Our “CVE Data Usage and Satisfaction Survey” opened on March 4, 2025, and will close at 11:59 PM ET on April 4, 2025. To participate, please visit: https://lnkd.in/eGy7Bdxq
Recently Matthew Turner presented his work on Technique Inference Engine (TIE) at the Artificial Intelligence for Cybersecurity (AICS 2025) workshop in Philadelphia, PA. The TIE paper is now available on arXiv. TIE Paper 👉 (https://lnkd.in/epJ5WCVn) If you have not seen it yet, TIE is a predictive model for threat intelligence based on MITRE ATT&CK. Incident responders and threat hunters can use TIE for intelligent guidance for their investigations and what adversary behaviors to search for. The tool, model, and dataset are all open source and freely available. What is TIE❓ https://lnkd.in/eXV-PghB #AI #ML #ThreatInformedDefense
We posted yesterday about AI-powered Attack Flow automation, and here’s another excellent research effort around that topic! Dave Johnson is researching how to generate flows from unstructured text, i.e. cyber threat intelligence reports. Although it is early stage, it is an impressive effort and we are coordinating with Dave to ensure that Attack Flow 3 (which is slated to release this summer) is harmonized with his efforts. #AttackFlow #CyberThreatIntel #ThreatInformedDefense
Threat Intelligence Advisor @Feedly | Former FBI Analyst | Entrepreneur | Award-Winning Innovator | 15+ years in Cyber Threat Intelligence
I've been working on a secret ATT&CK Flow visualization tool 🤫 Why? Because it's winter in Wisconsin. 🥶 What does it do? It generates a graph of attack procedures in a threat intelligence report automatically, so you get the gist of detailed reports much faster. It will also generate STIX bundles so you can do adversary emulation in tools like MITRE Caldera. Or, you can export into an image file to use in a custom report or presentation. Drop a comment down below if you're interested! 👇 #ThreatIntelligence #AdversaryEmulation #ATTACKFlow #CyberSecurity
The 2025 Asia-Pacific ATT&CK Community Workshop was a huge success. Thank you to our hosts at Citi - Alex Q., Alicia Koh, Crys Tan, Mark Wee, and the Citi volunteer team. Your partnership created an amazing event. After opening remarks from our hosts, we kicked off the event with a keynote panel where Derek Manky, David West, and Mark Wee shared their experience advancing threat-informed defense within their organizations. Following the panel, we jumped into 15 talks on operationalizing MITRE ATT&CK and threat-informed defense. Full agenda and slides are available here: ⭐ https://lnkd.in/e2Qn8YTH Session recordings will be available in a few weeks. Thank you to our speakers for sharing your experience. Thank you to our sponsors AttackIQ, Acronis, Bank of America, Ensign InfoSecurity, Fortinet, SquareX, Trainocate Group And our non-profit supporters Adversary Village, AiSP (Association of Information Security Professionals), CI-ISAC International, CREST, FIRST, OT-ISAC #ThreatInformedDefense #Community #APAC