cybersecurity-team-lab

MITRE Launches Engage Framework to Defend Against Cyber Attacks

The new MITRE Engage framework facilitates community engagement and provides a toolkit—including a guidebook, starter kit, worksheets, posters, and other resources—free for non-commercial use to CISOs, cyber defenders, and vendors.

McLean, Va., and Bedford, Mass., March 2, 2022—MITRE launched MITRE Engage™, a framework for communicating and planning cyber adversary engagement, deception, and denial activities. Informed by adversary behavior observed in the real world, Engage helps chief information security officers (CISOs), cyber defenders, and vendors to implement defense strategies.

Adversary engagement and deception operations can cut the cost of a data breach in half, waste an adversary’s time, and make attackers easier to detect. Engage maps to the MITRE ATT&CK® framework, which enables practitioners to quickly identify an attacker’s vulnerabilities when using a specific ATT&CK technique and how to take advantage of those vulnerabilities.

“Engage is about empowering the cyber defense community,” said Maretta Morovitz, MITRE Engage lead. “Every day, adversaries launch cyber attacks. Some will always slip through. Taller walls aren’t the complete solution. We need to stop what we can and be prepared to engage with the ones who make it through. With traditional cyber defense, the adversary only needs to be right once, but with cyber deception, the adversary only needs to be wrong once.”

Building upon MITRE’s Shield framework and more than 10 years of operational experience, Engage defines a common terminology for the cyber defense community. More than a matrix, the Engage toolkit featured on the website also includes a guidebook, starter kit, worksheets, posters, and other resources to decrease planning obstacles while increasing expertise. CISOs can use Engage to create a strategy for protecting the company, defenders can use it to implement that strategy, and vendors can use it to align their products with their users’ goals.

In the past year, MITRE ran a series of focus groups with vendors, defenders, and CISOs to solicit feedback and insight into Engage’s development. MITRE also runs regular adversary engagement operations to inform and drive the resources it publishes on the Engage website. And MITRE continues to gather the community’s thoughts and feedback about how Engage can help defenders.

“Engage goes beyond a framework. It delves deep and wide into the entire process of adversary engagement, from planning to analyzing,” said Morovitz. “Plus, as we grow the Engage community, we can continually improve and mature our research in defending against cyber threats.”

CISOs, cyber defenders, and vendors can learn more about Engage and get involved in the Engage community at https://engage.mitre.org/ and read the related Impact Story

About MITRE

MITRE’s mission-driven teams are dedicated to solving problems for a safer world. Through public-private partnerships and federally funded R&D centers, MITRE works across government and in partnership with industry to tackle challenges to the safety, stability, and well-being of our nation.

Media: Lisa Fasold, media@mitre.org