Compliance & Frameworks
MITRE D3FEND
Also known as: D3FEND, MITRE D3FEND Framework
Definition
A MITRE knowledge graph of defensive cybersecurity countermeasures and the digital artifacts they observe or modify, complementing MITRE ATT&CK.
Examples
- A security architect using D3FEND to identify candidate mitigations for an ATT&CK technique.
- A vendor mapping its EDR capabilities to D3FEND techniques to communicate coverage.
Related terms
MITRE ATT&CK
A globally accessible knowledge base of adversary tactics and techniques observed in real-world attacks, maintained by MITRE.
Security Controls
Safeguards or countermeasures — technical, administrative, or physical — used to prevent, detect, or respond to threats against information assets.
Threat Modeling
A structured analysis that identifies the assets, threats, vulnerabilities and mitigations of a system so security can be designed in rather than bolted on.
Preventive Controls
Controls designed to stop a security event from occurring in the first place by removing the opportunity or capability to act.
Detective Controls
Security measures designed to identify and alert on malicious activity, policy violations, or anomalies after they occur in an environment.
Compliance
The discipline of meeting legal, regulatory, contractual, and internal security requirements through documented controls, evidence collection, and ongoing assessment.