Common defensive measures
NSA Announces Release of Mitre D3FEND Cybersecurity Framework
The National Security Agency said it funded Mitre’s development of a knowledge base of cybersecurity measures against common techniques used by malicious hackers.
Mitre created the D3FEND model as a complement to its existing ATT&CK model, which serves as a knowledge base of cyber adversary behavior, the NSA said Tuesday.
While ATT&CK describes how malicious hackers typically operate, the D3FEND framework enumerates techniques that can reduce the success rate of attackers, the NSA said.
The agency said it expects D3FEND to enhance the cybersecurity of national security systems, the Department of Defense and the defense industrial base.
D3FEND defines a set of defensive techniques and outlines how they relate to offensive methods. The NSA and Mitre urged cybersecurity professionals across government, industry and academia to adopt the vocabulary of ATT&CK and D3FEND for the sake of standardization.
According to the agency, a standard way of categorizing cyber behavior and defensive techniques will enable information sharing and collaboration.
The guide resulted from a partnership between CISA and the Homeland Security Systems Engineering and Development Institute, a federally funded research and development center operated by Mitre.
Mitre said the guide includes example uses and step-by-step instructions related to adversary threat levels, technology domains, ATT&CK mapping and the integration of raw data.