NSA Funds Development & Release of D3FEND FrameworkNSA Funds Development & Release of D3FEND Framework
The framework, now available through MITRE, provides countermeasures to attacks.
June 23, 2021
The National Security Agency today announced it is funding the development and release of D3FEND, a framework for security pros to tailor their defenses against specific security threats.
The NSA funded MITRE's research for D3FEND to improve the security of National Security Systems, the Department of Defense, and the Defense industrial base, officials said in a statement. D3FEND is now available through MITRE, which released the framework as a complement to its existing ATT&CK framework.
Within the framework are terminology for computer network defensive techniques and the details of relationships between defensive and offensive tactics. D3FEND includes a model of ways to counter common attack techniques and explains how defensive strategies can affect an attacker's success. In doing so, it aims to show the complex ways that network architectures, threats, and countermeasures work together.
"By framing computer network defender complexity of countermeasure functions and techniques as granularly as ATT&CK frames computer network attacker techniques, D3FEND enables cybersecurity professionals to tailor defenses against specific cyber threats, thereby reducing a system's potential attack surface," officials wrote.
Read the full NSA release for more details.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
What Ransomware Groups Look for in Enterprise Victims
How to Use Threat Intelligence to Mitigate Third-Party Risk
Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware
Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks