Network defense is dynamic. You need a base defense, plus specialized capabilities to detect and prevent active advances. As adversaries change tactics, you must quickly evaluate your defenses and fill any gaps you find.
Commercial and open source software can help organizations achieve basic defense and develop agile responses, even with limited resources. If the right solution isn't readily available, open source tools let you quickly strengthen and augment your defensive measures.
We advance MITRE's network defense by developing tools to resist intrusion attempts by persistent and determined adversaries. When possible, we build on open source code and share tools through the open source community, on the GitHub repository.
We are committed to publicly discussing our released tools and methods. To further develop and share the tools needed for agile computer network defense, our engineers publish articles, present at conferences, and engage with the open source community.