Mappings Explorer
Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogued in the MITRE ATT&CK® knowledge base. The Center for Threat-Informed Defense created these open source mappings to serve as a bridge between the threat-informed defense and other cyberdefense paradigms such as security controls and vulnerability management.
Table Of Contents:
Getting Started
To get started, visit the project website.
| Resource | Description |
|---|---|
| Mappings Explorer | A website to navigate, explore, search, and download our ATT&CK mappings. |
| Mappings Editor | An interactive, web-based tool for creating your own mappings. (This tool is available as a public beta.) |
Getting Involved
There are several ways that you can get involved with this project and help advance threat-informed defense.
- Visit the Mappings Explorer website. Use the website to navigate, explore, search, and download our ATT&CK mappings.
- Recommend new mappings projects. Is there a security control framework (or other security capability) that is not in Mappings Explorer but should be? Let us know.
- Create new mappings. The Mappings Editor is released as a public beta; you may try using it to create your own mappings data. The mappings data can be used internally inside your organization, or if you think the public would benefit, please get in touch with us to discuss merging your work into our public repository.
Use Cases
You can use Mappings Explorer for many different purposes. Examples of usage include:
-
Align cyber defense to threats. Explore how security controls and capabilities can be used to protect from, detect, or respond to specific adversary behaviors.
-
Assess unpatched vulnerabilities. Understand how adversaries might exploit unpatched vulnerabilities and what adversaries may achieve by exploiting the vulnerability.
-
Evolve and expand cyber defense: Visualize and assess deficiencies in cyber defense to plan future policy and security controls around real-world adversary behavior.
-
Effectively describe incidents. Create detailed incident reports incorporating ATT&CK-based threat intel, recommendations for increased security protocols, and response measures.
Questions and Feedback
We welcome your feedback and contributions to help advance Mappings Explorer. Please see the guidance for contributors if are you interested in contributing or simply reporting issues.
Please submit issues for any technical questions/concerns or contact ctid@mitre-engenuity.org directly for more general inquiries.
Notice
© 2024 MITRE Engenuity. Approved for public release. Document number(s) CT0104.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.