[CDP-development] CISA Releases New Tool Mapping Adversary Behavior to MITRE ATT&CK

Masse, Theresa theresa.masse at cisa.dhs.gov
Wed Mar 1 07:14:39 PST 2023 

FYSA


As the nation’s cyber defense agency, the Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the Homeland Security Systems Engineering and Development Institute™ (HSSEDI<https://www.mitre.org/our-impact/rd-centers/homeland-security-systems-engineering-and-development-institute>), have released Decider<https://github.com/cisagov/Decider/>, a tool for mapping adversary behavior to the MITRE ATT&CK® framework. HSSEDI is a federally funded research and development center (FFRDC) that is managed and operated by MITRE for the Department of Homeland Security (DHS). HSSEDI worked with MITRE’s ATT&CK team to develop Decider.



A companion to the recently updated Best Practices for MITRE ATT&CK® Mapping Guide,<https://www.cisa.gov/news-events/news/best-practices-mitre-attckr-mapping> Decider helps network defenders, analysts, and researchers quickly and accurately map adversary tactics, techniques, and procedures (TTPs) to ATT&CK.



Decider makes ATT&CK mapping more accessible by walking users through a series of guided questions about adversary activity. The new tool helps cyber defenders determine correct tactics, techniques, or sub techniques, which then inform a range of important activities such as sharing the findings, discovering mitigations, and detecting further techniques.

Visit the CISA GitHub site<https://github.com/cisagov/Decider/> to download Decider. To learn more about the capabilities of this tool, refer to CISA’s technical blog<https://www.cisa.gov/news-events/news/helping-cyber-defenders-decide-use-mitre-attck>.

Theresa A. Masse
Cybersecurity State Coordinator/Advisor, Region 10 (Oregon)
Cybersecurity and Infrastructure Security Agency
Department of Homeland Security
Phone: (503) 930-5671
Email: theresa.masse at cisa.dhs.gov<mailto:theresa.masse at cisa.dhs.gov>

[cid:image001.png at 01D94C0D.6DAF6F80]



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20230301/e87f6f93/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 16152 bytes
Desc: image001.png
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20230301/e87f6f93/attachment-0001.png>

More information about the CDP-development mailing list