#D3FEND

CyberNetsecIO netsecio
2025-12-17

📰 MITRE Extends D3FEND Cybersecurity Framework to Operational Technology (OT)

MITRE has extended its D3FEND framework to Operational Technology (OT)! 🛡️ Funded by the NSA, the new knowledge base provides a standard for defending critical infrastructure and cyber-physical systems. 🏭

🔗 cyber.netsecops.io/articles/mi

2025-01-28

I missed this but wow, MITRE D3FEND announced their 1.0 release. Big milestone for them.
#MITRE #D3FEND #ThreatIntel
d3fend.mitre.org/blog/d3fend-1

st1nger :unverified: 🏴‍☠️ :linux: :freebsd: st1nger@infosec.exchange
2025-01-20

#D3FEND - A knowledge graph of #cybersecurity countermeasures d3fend.mitre.org/

2023-11-23

ATT&CK Workbench is an impressive piece of software for #threatintel, the missing piece to actually make the topologies usable.

mitre-engenuity.org/cybersecur

I hope a #D3FEND integration will be available in the future.

2023-07-20

@shellsharks So my team has been thinking of a few ways of mapping controls to TTPs. Best route for now seems to be to take our Single Process Inventory (SPI) and find correlating controls in place.
Then using MITRE D3FEND, take ATT&CK techniques in our reporting and map to D3FEND techniques that make logical sense for us to implement. Ex. T1134 - Access Token Manipulation has some D3FEND techniques like System Call Analysis, Process Spawn Analysis, Mandatory Access Control.
d3fend.mitre.org/offensive-tec

NIST 800-53 Rev. 5 also includes a spreadsheet for mapping controls to TTPs although it's kept very vague. They do include a Navigator layer which can be useful to overlay with whatever ATT&CK techniques you're focused on.

mitre-engenuity.org/cybersecur
#ThreatIntel #MITRE #D3FEND
