Cyber Threat Intelligence

MITRE is creating new ways to help understand your adversaries' behaviors, goals, and methods so you can prioritize your defensive investments.
(Video) What is cyber threat intelligence?.

We're working with security vendors, end users, and government to pioneer better ways to create, share and use cyber threat intelligence.  This isn’t new to MITRE – our innovative work on the STIX/TAXII standards already make it easier for people and tools to share threat intelligence.

Central to our efforts in cyber threat intelligence is the MITRE ATT&CK™ framework, a globally accessible knowledgebase of adversary tactics and techniques based on real-world observations of adversaries’ operations against computer networks. ATT&CK helps you understand how adversaries might operate so you can plan how to detect or stop that behavior. Armed with this knowledge, you can better understand the different ways adversaries prepare for, launch, and execute their attacks.

MITRE believes that collaboration is essential to improve the state of cyber defense. That’s why the approaches we discover and the tools we create are freely available to the global cyber community.

What's New

Resources