271 defences1,353 crosswalks
D3FENDD3FEND defensive matrix
7 tactics · 271 defensive techniques · 1,353 defends_against crosswalks to MITRE ATT&CK. Authored by Adam Lundqvist.
ATT&CK coverage
0
1
2-3
4-5
6+
MODModel5 techniques
D3-CIA
D3-CIA Container Image Analysis
Counters 26 ATT&CK techniques
Tactic: Model · Level: subtechnique · Click to inspect
D3-ALLM
D3-ALLM Active Logical Link Mapping
Counters 7 ATT&CK techniques
Tactic: Model · Level: subtechnique · Click to inspect
D3-APLM
D3-APLM Active Physical Link Mapping
Counters 7 ATT&CK techniques
Tactic: Model · Level: subtechnique · Click to inspect
D3-DPLM
D3-DPLM Direct Physical Link Mapping
Counters 7 ATT&CK techniques
Tactic: Model · Level: subtechnique · Click to inspect
D3-PLLM
D3-PLLM Passive Logical Link Mapping
Counters 7 ATT&CK techniques
Tactic: Model · Level: subtechnique · Click to inspect
HARHarden11 techniques
D3-CDP
D3-CDP Change Default Password
Counters 20 ATT&CK techniques
Tactic: Harden · Level: subtechnique · Click to inspect
D3-CERO
D3-CERO Certificate Rotation
Counters 20 ATT&CK techniques
Tactic: Harden · Level: subtechnique · Click to inspect
D3-OTP
D3-OTP One-time Password
Counters 19 ATT&CK techniques
Tactic: Harden · Level: subtechnique · Click to inspect
D3-PR
D3-PR Password Rotation
Counters 19 ATT&CK techniques
Tactic: Harden · Level: subtechnique · Click to inspect
D3-EMH
D3-EMH Electromagnetic Radiation Hardening
Counters 11 ATT&CK techniques
Tactic: Harden · Level: subtechnique · Click to inspect
D3-RFS
D3-RFS RF Shielding
Counters 11 ATT&CK techniques
Tactic: Harden · Level: subtechnique · Click to inspect
D3-DRA
D3-DRA Disable Remote Access
Counters 4 ATT&CK techniques
Tactic: Harden · Level: subtechnique · Click to inspect
D3-BMA
D3-BMA Bus Message Authentication
Counters 0 ATT&CK techniques
Tactic: Harden · Level: subtechnique · Click to inspect
D3-MBSV
D3-MBSV Memory Block Start Validation
Counters 0 ATT&CK techniques
Tactic: Harden · Level: subtechnique · Click to inspect
D3-NPC
D3-NPC Null Pointer Checking
Counters 0 ATT&CK techniques
Tactic: Harden · Level: subtechnique · Click to inspect
D3-OLV
D3-OLV Operational Logic Validation
Counters 0 ATT&CK techniques
Tactic: Harden · Level: subtechnique · Click to inspect
DETDetect0 techniques
ISOIsolate26 techniques
D3-FFV
D3-FFV File Format Verification
Counters 100 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-CFC
D3-CFC Content Format Conversion
Counters 99 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-CNE
D3-CNE Content Excision
Counters 99 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-CNR
D3-CNR Content Rebuild
Counters 99 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-CNS
D3-CNS Content Substitution
Counters 99 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-FCDC
D3-FCDC File Content Decompression Checking
Counters 99 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-FISV
D3-FISV File Internal Structure Verification
Counters 99 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-FMBV
D3-FMBV File Magic Byte Verification
Counters 99 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-FMCV
D3-FMCV File Metadata Consistency Validation
Counters 99 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-FMVV
D3-FMVV File Metadata Value Verification
Counters 99 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-RFAM
D3-RFAM Remote File Access Mediation
Counters 99 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-OTF
D3-OTF Outbound Traffic Filtering
Counters 31 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-EBWSAM
D3-EBWSAM Endpoint-based Web Server Access Mediation
Counters 16 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-PBWSAM
D3-PBWSAM Proxy-based Web Server Access Mediation
Counters 16 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-LFAM
D3-LFAM Local File Access Mediation
Counters 14 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-ITF
D3-ITF Inbound Traffic Filtering
Counters 8 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-WSAM
D3-WSAM Web Session Access Mediation
Counters 8 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-EF
D3-EF Email Filtering
Counters 4 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-FRDDL
D3-FRDDL Forward Resolution Domain Denylisting
Counters 2 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-HDDL
D3-HDDL Hierarchical Domain Denylisting
Counters 2 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-HDL
D3-HDL Homoglyph Denylisting
Counters 2 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-RRID
D3-RRID Reverse Resolution IP Denylisting
Counters 2 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-EPL
D3-EPL Physical Locking
Counters 0 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-FRIDL
D3-FRIDL Forward Resolution IP Denylisting
Counters 0 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-LAMED
D3-LAMED LAN Access Mediation
Counters 0 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect
D3-RAM
D3-RAM Routing Access Mediation
Counters 0 ATT&CK techniques
Tactic: Isolate · Level: subtechnique · Click to inspect