The Measure, Maximize, and Mature Threat-Informed Defense (M3TID) project defines what Threat-Informed Defense is and the key activities associated with its practice. The project captures insights and best practices for what it means to be threat-informed across a security program, expanding the dimensions of Threat-Informed Defense into key components that organizations can implement. For each of these components, the project defines specific elements of implementation maturity, which enables organizations to assess and to understand the current and future state of their threat-informed defense program.
Table Of Contents:
Read the project website to understand the overall purpose and methodology of the project. Then you can use the scoring spreadsheet to apply the methodology to your own organization.
Resource | Description |
---|---|
Project Website | Documents the project goals, methodology, and other resources. |
Scoring Spreadsheet | A spreadsheet for applying the M3TID scoring methodology. |
There are several ways that you can get involved with this project and help advance threat-informed defense:
- Review the project goals and methodology and tell us what you think. We welcome your feedback on any aspect of the project: from high-level concepts to low-level technical details.
- Use the methodology and Excel workbook to score your organization. The spreadsheet provides a quick way to document the maturity of your threat-informed defense, view maturity along each dimension, and calculate a maturity score.
- Suggest new components. Use the contact information below to send in your ideas for new threat-informed defense components that align to the three dimensions of threat-informed defense.
We welcome your feedback and contributions to help advance M3TID. Please see the guidance for contributors if are you interested in contributing or simply reporting issues.
Please submit issues for any technical questions/concerns or contact [email protected] directly for more general inquiries.
Copyright 2024 MITRE Engenuity. Approved for public release. Document number(s) CT0105.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.