MITRE adds D3FEND defensive cybersecurity techniques to ATT&CK Framework

D3FEND is a new project promoted by MITRE Corporation to add defensive cybersecurity techniques to the ATT&CK Framework.

D3FEND is a new project promoted by MITRE Corporation aimed to add a knowledge graph of cybersecurity countermeasures to the ATT&CK Framework.

360 Mobile Vision - 360mobilevision.com North & South Carolina Security products and Systems Installations for Commercial and Residential - $55 Hourly Rate. ACCESS CONTROL, INTRUSION ALARM, ACCESS CONTROLLED GATES, INTERCOMS AND CCTV INSTALL OR REPAIR 360 Mobile Vision - 360mobilevision.com is committed to excellence in every aspect of our business. We uphold a standard of integrity bound by fairness, honesty and personal responsibility. Our distinction is the quality of service we bring to our customers. Accurate knowledge of our trade combined with ability is what makes us true professionals. Above all, we are watchful of our customers interests, and make their concerns the basis of our business.

The project was announced this week by the U.S. National Security Agency (NSA), it proposes a standard approach for the description of defensive cybersecurity countermeasures for techniques used by threat actors.

“D3FEND is a knowledge base, but more specifically a knowledge graph, of cybersecurity countermeasure techniques. In the simplest sense, it is a catalog of defensive cybersecurity techniques and their relationships to offensive/adversary techniques.” reads the project page published by MITRE. “The primary goal of the initial D3FEND release is to help standardize the vocabulary used to describe defensive cybersecurity technology functionality.”

The NSA announced that the D3FEND project establishes terminology of computer network defensive techniques and shed the light previously unspecified relationships between defensive and offensive methods. 

The US intelligence agency initially funded the project to improve the cybersecurity of National Security Systems, the Department of Defense, and the Defense Industrial Base.

“D3FEND establishes terminology of computer network defensive techniques and illuminates previously-unspecified relationships between defensive and offensive methods. This framework illustrates the complex interplay between computer network architectures, threats, and cyber countermeasures.” states the NSA.

“MITRE released D3FEND as a complement to its existing ATT&CK framework, a free, globally-accessible knowledge base of cyber adversary tactics and techniques based on real-world observations. Industry and government use ATT&CK as a foundation to develop specific cyber threat models and methodologies.”

MITRE adds D3FEND defensive cybersecurity techniques to ATT&CK Framework

The NSA believes that D3FEND will drive more effective design, deployment, and defense of networked systems.

MITRE experts also published a research paper that describes their study and development
toward a precise, unambiguous, and information-dense knowledge graph of cybersecurity countermeasures.

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, D3FEND)

The post MITRE adds D3FEND defensive cybersecurity techniques to ATT&CK Framework appeared first on Security Affairs.

By admin