Home > Resources > SANS 2022 ATT&CK™ and D3FEND™ Report

SANS 2022 ATT&CK™ and D3FEND™ Report

In this whitepaper, SANS looks at two complementary frameworks that defenders should utilize: MITRE ATT&CK™ and MITRE D3FEND™. Aptly named, these frameworks describe adversary techniques and defense countermeasures, respectively.

Since its introduction, multiple security controls and vendors have aligned their products and detections to ATT&CK. However, we have seen little representation of D3FEND—something we aim to change with this whitepaper.

This whitepaper covers the following topics:

  • An understanding of the ATT&CK and D3FEND frameworks.
  • The strengths of each framework as it pertains to enterprise security.
  • How the frameworks can be utilized to help strengthen incident analysis and response.
  • How to incorporate both frameworks into your threat intelligence capabilities.

Fill out form to access SANS 2022 ATT&CK™ and D3FEND™ Report:

We value your privacy. You can find out about your rights and choices and how we use your information in our Privacy Notice.