Threat-Informed Defense
Advancing a community of cyber defenders globally.
MITRE has a long history of equipping the collective cyber community with open-source threat- and risk-informed defense tools and publicly available resources to help thwart network intruders, build resiliency against future attacks, and develop assurance to overcome possible vulnerabilities.
Our evaluations, rapid prototypes, and tools provide essential capabilities designed for real-world implementation. We provide actionable knowledge of adversaries’ malicious behaviors to improve cybersecurity defensive and offensive missions with increased visibility, harm reduction, and better security decision-making.
Additionally, we serve as thought leaders in the cybersecurity field, helping to establish standards and policies for a safer world.
10 Years of MITRE ATT&CK
Ten years ago, it all started with an Excel spreadsheet. My name is Adam Pennington, and I lead MITRE ATT&CK. I’ve been around ATT&CK since it started. MITRE was doing a series of red and blue team exercises and we had a problem. My officemate, Blake Strom, identified that we didn't have a way for the red and the blue teams to talk to each other. His team created a spreadsheet of behaviors we'd seen from real world adversaries. So we decided to release it to the public in 2015 with the hope that others would find it useful and share back what they were seeing for the benefit of the rest of the community. And initially there wasn't a lot of response. Bueller. Bueller. But over time, it built and built. Until it was more than just a list...It was a community. What makes ATT&CK powerful is the people helping us understand threats and thwart attacks to defend the data that protects us all. We're finding ATT&CK on T-shirts being given away at trade shows, on banners up in the air. We never expected any of that and have just been blown away by the response. It's gone from this little spreadsheet that was on one computer to this global phenomenon that's used in over 190 countries in all seven continents. Today we have over 600 techniques and sub techniques. We cover Windows, Linux Cloud, Mac OS, networked devices, mobile devices, industrial control systems, and we're always looking to the future. From MITRE ATT&CK to you, the people who make it great. Happy 10th Anniversary.
Resources
ATT&CK Evaluations
Evaluations follow a rigorous, transparent methodology, using a collaborative, threat-informed purple-teaming approach to evaluate solutions within the context of ATT&CK.
CALDERA
A scalable, automated adversary emulation platform that empowers cyber practitioners to save time, money, and energy through automated security assessments.
Center for Threat Informed Defense
The privately funded research and development center brings together sophisticated security teams from leading organizations around the world to conduct and share research that improves our collective ability to prevent, detect, and respond to cyber-attacks.
DEFEND
The MITRE-developed, National Security Agency-funded framework offers an open model with standardized vocabulary for employing techniques to counter malicious cyber activity.
ECHO
Enhanced CTI Sharing for Partner Organizations (ECHO) is an application that mines and contextualizes cyber threat intelligence.
ENGAGE
A framework for communicating and planning cyber adversary engagement, deception, and denial activities.
MITRE ATT&CK
A globally accessible knowledge base of adversary behaviors based on real-world observations.
Latest News & Insights
News Release
RWPQC 2025 Brings Together Industry Leaders to Advance Cybersecurity and Quantum Innovation
Media Coverage
Industrial Cyber Taps Sarah Freeman for its Hall of Fame
Media Coverage
American City & County: Cities and counties should ID their IT assets as they work to eliminate ransomware risks
Media Coverage
Top Cyber Pro: Milestones in Cyber with MITRE's Wen Masters
Media Coverage
TopCyberPro Podcast: Discussion on Cloud Security
Media Coverage
Federal Tech Podcast: An Argument for Enterprise Design
Media Coverage
Enterprise Security Weekly: D3FEND 1.0 Cyber Ontology
News Release
MITRE Posts Latest Findings of ATT&CK Evaluations for Cybersecurity Solutions Against Ransomware
Media Coverage
CyberScoop: Latest round of MITRE ATT&CK evaluations put cybersecurity products through rigors of ransomware
Fact Sheet
Resilient Cyber Aerospace Testbed
MITRE ATT&CK
Over the last decade, ATT&CK has grown from a single Excel spreadsheet to a massive cybersecurity threat knowledge base accessed in more than 190 countries.
