CISA's Decider - Map behavior to MITRE ATT&CK


jcwarnerdev
published: April 30, 2023, 6:53 p.m. | last modified: April 30, 2023, 6:53 p.m.
cyber security cisa decider D3FEND ATT&CK


Today I added CISA's Decider tool to my HalfDoneProjects site for limited use. If you have a login, you can use it here. Soon I'll make a public version without an extra login.

So far I'm not sure that this tool meets the use case. According to the CISA GitHub page, "Decider is a tool to help analysts map adversary behavior to the MITRE ATT&CK Framework." After throwing a few basic scenarios at the tool I'm not sure it's much better than staring at the wall of TTPs in an ATT&CK map. I might not be the target audience though.


More to follow... I'll make a public version that at least lets people decide whether it's worth pulling into their own tool bag. Perhaps I'll integrate MITRE's ATT&CK Navigator for a seamless transition. Better yet, I'll investigate adding MITRE's D3FEND.


