jcwarnerdev Blog Title: CISA's Decider - Map behavior to Mitre ATT&CK
Today I added CISA's decider tool to my HalfDoneProjects site for limited use. If you have a login you can use it here. Soon I'll make a public version without an extra login.
So far I'm not sure that this tool meets the use case. According to the CISA GitHub page, "Decider is a tool to help analysts map adversary behavior to the MITRE ATT&CK Framework." After throwing a few basic scenarios at the tool I'm not sure it's much better than staring at the wall of TTPs in an ATT&CK map. I might not be the target audience though.
More to follow... I'll make a public version that at least lets people decide whether it's worth pulling in to their own tool bag. Perhaps I'll integrate Mitre's ATT&CK navigator for seamless transition. Better yet, I'll investigate adding Mitre's D3FEND.