Security Experts:

Connect with us

Hi, what are you looking for?


Management & Strategy

MITRE Introduces ‘Shield’ Defense Knowledge Base

The MITRE Corporation has taken the wraps off a knowledge base of common techniques and tactics that defenders can use to ensure their networks and assets are kept secure.

The MITRE Corporation has taken the wraps off a knowledge base of common techniques and tactics that defenders can use to ensure their networks and assets are kept secure.

Called MITRE Shield, the publicly available, free resource is aimed at cyber-experts looking to engage an active cyber defense and, similarly with MITRE ATT&CK, presents a series of active defense concepts.

“Shield was culled from MITRE’s work over the past 10 years observing and engaging adversaries in defense of our own network. It spans the range from big-picture opportunities and objectives that chief information security officers (CISOs) may want to consider to practitioner-friendly tactics, techniques, and procedures,” MITRE explains.

The newly released knowledge base mainly details security techniques for engaging deception and adversaries. With the help of both ATT&CK and MITRE Shield, defenders can create active defense playbooks that would help them address specific adversaries, MITRE says.

According to MITRE, the resource is being developed as both unstructured and structured data, with the initial version focusing on structured elements. MITRE Shield is not complete, but should serve as a starting point for discussion on adversary engagement, active defense, and how defenders can take advantage of them.

“We hope mapping Shield to ATT&CK will be a good addition to the collection of ways ATT&CK can be used. Using them in tandem can help defenders better understand adversary behavior and engagements and suggest ways the defender can mount a more active defense,” says Christina Fowler, MITRE’s chief cyber intelligence strategist.

According to MITRE, the main idea behind releasing Shield is to receive others’ opinions on the work, to expand the knowledge base. The data model will be tweaked in the coming months and additional content is expected to be added as well, the not-for-profit organization reveals.

MITRE also notes that it plans to continuously evolve Shield, and that the project might never actually be completed, as the subject of defense is nearly infinite. However, the knowledge base is expected to help organizations strengthen their active defense solutions.

Related: MITRE Releases ATT&CK Knowledge Base for Industrial Control Systems

Related: New MITRE Foundation Aims to Boost Critical Infrastructure

Related: Where To Begin With MITRE ATT&CK Matrix

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...


Twenty-one cybersecurity-related M&A deals were announced in December 2022.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.