24 June 2021

MITRE introduces D3FEND framework for tailoring defenses against cyber threats


MITRE introduces D3FEND framework for tailoring defenses against cyber threats

The MITRE Corporation has released a new tool to help cybersecurity professionals to build defenses against specific cyber threats. The project, called D3FEND, is a knowledge base of cybersecurity countermeasure techniques designed to help standardize the vocabulary used to describe defensive cybersecurity technology functionality.

Funded by the US National Security Agency, the D3FEND framework is still in the experimental research phase.

D3FEND outlines defensive countermeasures for common offensive techniques and complements MITRE’s ATT&CK knowledge base of offensive tactics and techniques based on real-world observations.

“D3FEND establishes terminology of computer network defensive techniques and illuminates previously-unspecified relationships between defensive and offensive methods. This framework illustrates the complex interplay between computer network architectures, threats, and cyber countermeasures,” the NSA said in a press release.

The framework can be used by cybersecurity professionals to compare a cybersecurity functionality across multiple products with common defensive techniques and identify products’ differences and gaps “relative to desired functionality in a more precise, consistent, and repeatable manner.”

D3FEND can also help defenders to test, how a defensive solution performs against offensive techniques.


Back to the list

Latest Posts

NSA publishes guidance on how to secure wireless devices in public settings

NSA publishes guidance on how to secure wireless devices in public settings

The agency advises to avoid connecting to public Wi-Fi, and use a corporate or personal Wi-Fi hotspot with strong authentication and encryption whenever possible.
30 July 2021
Death Kitty ransomware reportedly behind the attack on South African ports

Death Kitty ransomware reportedly behind the attack on South African ports

The attackers claim they encrypted the company’s files, including 1TB of personal data, financial reports and other documents.
30 July 2021
New destructive wiper malware linked to recent Iranian railway attack

New destructive wiper malware linked to recent Iranian railway attack

The Meteor wiper was developed in the past three years and seems to be designed for reuse in multiple campaigns.
30 July 2021