Solution Brief:
Attivo Deception MITRE Shield Mapping

MITRE has launched a knowledge base named Shield that captures capabilities surrounding Active Defense and adversary engagements. The very first publication of this knowledge base is in the form of a matrix listing capabilities for Active Defense. Shield complements the MITRE ATT&CK knowledgebase (Adversarial Tactics, Techniques, and Common Knowledge), which is a highly-regarded tool in the Threat Intelligence Community for modeling cybersecurity threats. From a defender's perspective, the ATT&CK matrix provides a data model of how one should protect their enterprise against cybersecurity threats. Meanwhile, the Shield matrix provides the capabilities a defender must build for an Active Defense and adversary engagement in a post-breach situation.

Attivo evaluated its ThreatDefend® Platform capabilities against all Active Defense techniques and use cases documented per technique in the MITRE Shield knowledge base. Download this paper to learn how the ThreatDefend components provide the building blocks needed for an Active Defense strategy.

MITRE Shield Datasheet_cover.png