MITRE D3FEND™ (Detection, Denial, and Disruption Framework Empowering Network Defense) is an open knowledge base of cybersecurity defensive techniques. D3FEND provides a common taxonomy that lets various constituents (SecOps teams, pen testers, red and blue teams, security solution providers, threat intelligence vendors, etc.) communicate using the same vocabulary.
D3FEND organizes cybersecurity countermeasures into five distinct defensive tactics: harden, detect, isolate, deceive, and evict. Each tactic is comprised of various techniques and sub-techniques. For example, the harden tactic includes application hardening, credential hardening, message hardening and platform hardening techniques. And the application hardening technique includes seven sub-techniques.
MITRE maintains an interactive D3FEND knowledge graph that makes it easy to visualize all the tactics and techniques at a glance, and quickly drill down on individual techniques and sub-techniques for detailed information.
D3FEND complements the popular MITRE ATT&CK® knowledge base of adversarial tactics, techniques, and procedures (TTPs). The D3FEND knowledge graph maps ATT&CK offensive techniques to D3FEND defensive techniques, helping cybersecurity professionals counter known TTPs and eliminate gaps.
The table below maps the Talon Enterprise Browser’s security capabilities to relevant Mitre D3FEND sub-techniques. Use the scroll button at the top and bottom of the table to scroll from left to right and see the whole table.