The Foundation of Cybersecurity: D3FEND™ 1.0
The New “Bible of Cybersecurity”
Is cybersecurity a proper discipline that can stand on its own, and does it have a common knowledge base? Well, every discipline needs a set of standardized terms and definitions. In cybersecurity, the MITRE ATT&CK framework provides the foundation for the description of attacks and mitigations. Now, MITRE has released D3FEND™ 1.0, which is an ontology that standardizes the vocabulary and techniques in cyber threats. It thus provides a foundation for understanding the core elements of cybersecurity and how they link with other entities.
The model defines areas of Harden, Detect, Isolate, Deceive, Evict and Restore [here]:
This model differs from other models, such as the Kill Chain Model, in that it covers all of the stages of a cyber threat, from hardening systems to restoring them. Overall, it covers 718 artefacts. For hardening, we define areas where we harden systems, such as authentication, applications, credentials, messaging, platform and source code [here]: