Skip to content
@center-for-threat-informed-defense

The Center for Threat-Informed Defense

An R&D organization focused on advancing the state of the art and the state of the practice in threat-informed defense.

Pinned Loading

  1. mappings-explorer mappings-explorer Public

    Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogued in the MITRE ATT&CK® knowledge base. These mappings form a…

    Jinja 24 6

  2. adversary_emulation_library adversary_emulation_library Public

    An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

    C 1.6k 290

  3. attack-flow attack-flow Public

    Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flow…

    TypeScript 517 83

  4. summiting-the-pyramid summiting-the-pyramid Public

    Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research includes a scoring model, methodology, and worked examples.

    Makefile 23 2

  5. attack-workbench-frontend attack-workbench-frontend Public

    An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository contains an Angular-based web application providing the user in…

    TypeScript 298 61

  6. tram tram Public

    TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.

    Jupyter Notebook 412 90

Repositories

Showing 10 of 27 repositories
  • attack-flow Public

    Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.

    center-for-threat-informed-defense/attack-flow’s past year of commit activity
    TypeScript 517 Apache-2.0 83 8 1 Updated Jun 26, 2024
  • attack-workbench-frontend Public

    An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository contains an Angular-based web application providing the user interface for the ATT&CK Workbench application.

    center-for-threat-informed-defense/attack-workbench-frontend’s past year of commit activity
    TypeScript 298 Apache-2.0 61 42 3 Updated Jun 23, 2024
  • cwe-calculator Public

    The CWE Calculator enables software development teams to score and prioritize discovered weaknesses empirically based on data in the National Vulnerability Database (NVD).

    center-for-threat-informed-defense/cwe-calculator’s past year of commit activity
    Python 2 Apache-2.0 0 0 0 Updated Jun 20, 2024
  • top-attack-techniques Public

    Top ATT&CK Techniques provides defenders with a systematic approach to prioritizing ATT&CK techniques.

    center-for-threat-informed-defense/top-attack-techniques’s past year of commit activity
    112 Apache-2.0 20 0 2 Updated Jun 14, 2024
  • tram Public

    TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.

    center-for-threat-informed-defense/tram’s past year of commit activity
    Jupyter Notebook 412 Apache-2.0 90 44 5 Updated Jun 10, 2024
  • sensor-mappings-to-attack Public

    Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help detect real-world adversary behaviors in their environments.

    center-for-threat-informed-defense/sensor-mappings-to-attack’s past year of commit activity
    Python 41 Apache-2.0 1 1 1 Updated Jun 5, 2024
  • attack-workbench-rest-api Public

    An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository contains the REST API service for storing, querying, and editing ATT&CK objects.

    center-for-threat-informed-defense/attack-workbench-rest-api’s past year of commit activity
    JavaScript 39 Apache-2.0 21 38 6 Updated May 23, 2024
  • public-resources Public

    Collection of resources related to the Center for Threat-Informed Defense

    center-for-threat-informed-defense/public-resources’s past year of commit activity
    PowerShell 76 16 0 0 Updated May 22, 2024
  • caldera_pathfinder Public

    Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translating those scans into adversaries for network traversal.

    center-for-threat-informed-defense/caldera_pathfinder’s past year of commit activity
    Python 120 Apache-2.0 26 2 1 Updated Apr 25, 2024
  • attack-sync Public

    ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® version updates into their internal systems and processes.

    center-for-threat-informed-defense/attack-sync’s past year of commit activity
    Python 14 Apache-2.0 6 3 0 Updated Apr 24, 2024