Mitre has created the D3FEND matrix to explain terminology of defensive cybersecurity techniques and how they relate to offensive methods. It is a common language to help cyber defenders share strategies and methods. It is a companion project to the company’s ATT&CK framework.

The goal is to figure out if vendors are using different ways to try to solve the same problem, such as verifying a particular (and potentially malicious) code segment. D3FEND could help IT managers find functional overlap in their current security product portfolios and guide any changes in their investments in a particular functional area, as well to help make them better defensive decisions to project their cyber infrastructure.

You can read more about Mitre’s D3FEND and its promise here in a post for CSOonline.