The National Security Agency today announced it is funding the development and release of D3FEND, a framework for security pros to tailor their defenses against specific security threats.
The NSA funded MITRE's research for D3FEND to improve the security of National Security Systems, the Department of Defense, and the Defense industrial base, officials said in a statement. D3FEND is now available through MITRE, which released the framework as a complement to its existing ATT&CK framework.
Within the framework are terminology for computer network defensive techniques and the details of relationships between defensive and offensive tactics. D3FEND includes a model of ways to counter common attack techniques and explains how defensive strategies can affect an attacker's success. In doing so, it aims to show the complex ways that network architectures, threats, and countermeasures work together.
"By framing computer network defender complexity of countermeasure functions and techniques as granularly as ATT&CK frames computer network attacker techniques, D3FEND enables cybersecurity professionals to tailor defenses against specific cyber threats, thereby reducing a system's potential attack surface," officials wrote.
Read the full NSA release for more details.