The Center for Threat-Informed Defense (@center-for-threat-informed-defense)
  • Stars
    star
    3,112
  • Global Org. Rank 6,807 (Top 3 %)
  • Registered about 5 years ago
  • Most used languages
    Python
    40.0 %
    JavaScript
    20.0 %
    TypeScript
    13.3 %
    HCL
    6.7 %
    HTML
    6.7 %
    C
    6.7 %
    Makefile
    6.7 %

Top repositories

1

adversary_emulation_library

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
C
995
star
2

attack-control-framework-mappings

Security control framework mappings to MITRE ATT&CK provide a critically important resource for organizations to assess their security control coverage against real-world threats and provide a bridge for integrating ATT&CK-based threat information into the risk management process.
Python
362
star
3

attack-flow

Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.
TypeScript
340
star
4

attack-workbench-frontend

An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository contains an Angular-based web application providing the user interface for the ATT&CK Workbench application.
TypeScript
288
star
5

attack_to_cve

A methodology for mapping MITRE ATT&CK techniques to vulnerability records to describe the impact of a vulnerability.
154
star
6

security-stack-mappings

This project empowers defenders with independent data on which native security controls of leading technology platforms are most useful in defending against the adversary TTPs they care about.
Python
148
star
7

tram

TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.
HTML
99
star
8

insider-threat-ttp-kb

The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders in the IT environment. It will establish an Insider Threat TTP Knowledge Base, built upon data collected on insider threat incidents and lessons learned and experience from the ATT&CK knowledge base.
98
star
9

caldera_pathfinder

Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translating those scans into adversaries for network traversal.
Python
77
star
10

top-attack-techniques

Top ATT&CK Techniques provides defenders with a systematic approach to prioritizing ATT&CK techniques.
72
star
11

public-resources

Collection of resources related to the Center for Threat-Informed Defense
70
star
12

attack_to_veris

🚨ATTENTION🚨 The VERIS mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.
Python
69
star
13

attack-powered-suit

ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, context menus, and ATT&CK Navigator integration.
JavaScript
63
star
14

attack-workbench-rest-api

An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository contains the REST API service for storing, querying, and editing ATT&CK objects.
JavaScript
37
star
15

cloud-analytics

Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as well as a blueprint for how others can create and use cloud analytics effectively.
HCL
27
star
16

sightings_ecosystem

This project aims to fundamentally advance our collective ability to see threat activity across organizational, platform, vendor and geographical boundaries.
Python
22
star
17

attack-workbench-collection-manager

[DEPRECATED] An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository contains the REST API and services for managing collections, collection indexes, and collection subscriptions.
JavaScript
12
star
18

defending-iaas-with-attack

Defending IaaS with ATT&CK is a project to create a collection of ATT&CK techniques relevant to a Linux IaaS environment, as well as a methodology for creating technique collections.
Makefile
8
star
19

first-ctid-workshop

Python
6
star