For many years, organizations have relied on the MITRE ATT&CK™ framework as a valuable resource to catalog adversary tactics, techniques and procedures (TTPs). The information security community has leveraged ATT&CK™ to help guide investigations, write robust detections, and enrich threat intelligence.
In June 2021, a cooperation between the National Security Agency (NSA) and MITRE released D3FEND™, a complementary framework that provides insight into defensive measures for enterprises.
This SANS webcast explores:
- How to leverage D3FEND™ to enhance enterprise security defenses.
- How to utilize ATT&CK™ and D3FEND™ together to detect attacker TTPs.
- How to incorporate D3FEND™ countermeasures into your daily response workflows.
- How the security community can give back and make D3FEND™ even better.