271 defences262 crosswalks
D3FENDD3FEND defensive matrix
7 tactics · 271 defensive techniques · 262 defends_against crosswalks to MITRE ATT&CK. Authored by Adam Lundqvist.
ATT&CK coverage
0
1
2-3
4-5
6+
MODModel5 techniques
D3-CIA
D3-CIA Container Image Analysis
Counters 26 ATT&CK techniques
Tactic: Model · Level: subtechnique · Click to inspect
D3-ALLM
D3-ALLM Active Logical Link Mapping
Counters 7 ATT&CK techniques
Tactic: Model · Level: subtechnique · Click to inspect
D3-APLM
D3-APLM Active Physical Link Mapping
Counters 7 ATT&CK techniques
Tactic: Model · Level: subtechnique · Click to inspect
D3-DPLM
D3-DPLM Direct Physical Link Mapping
Counters 7 ATT&CK techniques
Tactic: Model · Level: subtechnique · Click to inspect
D3-PLLM
D3-PLLM Passive Logical Link Mapping
Counters 7 ATT&CK techniques
Tactic: Model · Level: subtechnique · Click to inspect
HARHarden0 techniques
DETDetect22 techniques
D3-FCR
D3-FCR File Content Rules
Counters 99 ATT&CK techniques
Tactic: Detect · Level: subtechnique · Click to inspect
D3-SBV
D3-SBV Service Binary Verification
Counters 16 ATT&CK techniques
Tactic: Detect · Level: subtechnique · Click to inspect
D3-SFA
D3-SFA System File Analysis
Counters 16 ATT&CK techniques
Tactic: Detect · Level: subtechnique · Click to inspect
D3-AEM
D3-AEM Application Exception Monitoring
Counters 14 ATT&CK techniques
Tactic: Detect · Level: subtechnique · Click to inspect
D3-PLA
D3-PLA Process Lineage Analysis
Counters 14 ATT&CK techniques
Tactic: Detect · Level: subtechnique · Click to inspect
D3-EHB
D3-EHB Endpoint Health Beacon
Counters 7 ATT&CK techniques
Tactic: Detect · Level: subtechnique · Click to inspect
D3-MBT
D3-MBT Memory Boundary Tracking
Counters 7 ATT&CK techniques
Tactic: Detect · Level: subtechnique · Click to inspect
D3-ACA
D3-ACA Active Certificate Analysis
Counters 6 ATT&CK techniques
Tactic: Detect · Level: subtechnique · Click to inspect
D3-PCA
D3-PCA Passive Certificate Analysis
Counters 6 ATT&CK techniques
Tactic: Detect · Level: subtechnique · Click to inspect
D3-SICA
D3-SICA System Init Config Analysis
Counters 5 ATT&CK techniques
Tactic: Detect · Level: subtechnique · Click to inspect
D3-URA
D3-URA URL Reputation Analysis
Counters 4 ATT&CK techniques
Tactic: Detect · Level: subtechnique · Click to inspect
D3-IDA
D3-IDA Input Device Analysis
Counters 3 ATT&CK techniques
Tactic: Detect · Level: subtechnique · Click to inspect
D3-SDM
D3-SDM System Daemon Monitoring
Counters 3 ATT&CK techniques
Tactic: Detect · Level: subtechnique · Click to inspect
D3-FCA
D3-FCA File Creation Analysis
Counters 2 ATT&CK techniques
Tactic: Detect · Level: subtechnique · Click to inspect
D3-SFV
D3-SFV System Firmware Verification
Counters 2 ATT&CK techniques
Tactic: Detect · Level: subtechnique · Click to inspect
D3-SJA
D3-SJA Scheduled Job Analysis
Counters 2 ATT&CK techniques
Tactic: Detect · Level: subtechnique · Click to inspect
D3-USICA
D3-USICA User Session Init Config Analysis
Counters 2 ATT&CK techniques
Tactic: Detect · Level: subtechnique · Click to inspect
D3-DNRA
D3-DNRA Domain Name Reputation Analysis
Counters 0 ATT&CK techniques
Tactic: Detect · Level: subtechnique · Click to inspect
D3-FHRA
D3-FHRA File Hash Reputation Analysis
Counters 0 ATT&CK techniques
Tactic: Detect · Level: subtechnique · Click to inspect
D3-IPRA
D3-IPRA IP Reputation Analysis
Counters 0 ATT&CK techniques
Tactic: Detect · Level: subtechnique · Click to inspect
D3-PFV
D3-PFV Peripheral Firmware Verification
Counters 0 ATT&CK techniques
Tactic: Detect · Level: subtechnique · Click to inspect
D3-RFUM
D3-RFUM Remote Firmware Update Monitoring
Counters 0 ATT&CK techniques
Tactic: Detect · Level: subtechnique · Click to inspect