271 indexed
D3FENDD3FEND defensive techniques
271 MITRE D3FEND defences across 7 tactics (Model, Harden, Detect, Isolate, Deceive, Evict, Restore). Filter to a tactic or browse the full set. Authored by Adam Lundqvist.
27 in Model · 271 total
| ID | Title | Summary |
|---|---|---|
| D3-AI | Asset Inventory | |
| D3-ALLM | Active Logical Link Mapping | Active logical link mapping sends and receives network traffic as a means to map the whole data link layer, where the links represent logical data flows rather… |
| D3-AM | Access Modeling | Access modeling captures and records the access permissions granted to identities (e.g., administrators, users, groups, systems) and optionally includes detail… |
| D3-APLM | Active Physical Link Mapping | Active physical link mapping sends and receives network traffic as a means to map the physical layer. |
| D3-AVE | Asset Vulnerability Enumeration | Asset vulnerability enumeration enriches inventory items with knowledge identifying their vulnerabilities. |
| D3-CI | Configuration Inventory | Configuration inventory identifies and records the configuration of software and hardware and their components throughout the organization. |
| D3-CIA | Container Image Analysis | Analyzing a Container Image with respect to a set of policies. |
| D3-DEM | Data Exchange Mapping | Data exchange mapping identifies and models the organization's intended design for the flows of the data types, formats, and volumes between systems at the app… |
| D3-DI | Data Inventory | Data inventorying identifies and records the schemas, formats, volumes, and locations of data stored and used on the organization's architecture. |
| D3-DPLM | Direct Physical Link Mapping | Direct physical link mapping creates a physical link map by direct observation and recording of the physical network links. |
| D3-HCI | Hardware Component Inventory | Hardware component inventorying identifies and records the hardware items in the organization's architecture. |
| D3-LLM | Logical Link Mapping | Logical link mapping creates a model of existing or previous node-to-node connections using network-layer data or metadata. |
| D3-NM | Network Mapping | |
| D3-NNI | Network Node Inventory | Network node inventorying identifies and records all the network nodes (hosts, routers, switches, firewalls, etc.) in the organization's architecture. |
| D3-NTPM | Network Traffic Policy Mapping | Network traffic policy mapping identifies and models the allowed pathways of data at the network, transport, and/or application levels. |
| D3-NVA | Network Vulnerability Assessment | Network vulnerability assessment relates all the vulnerabilities of a network's components in the context of their configuration and interdependencies and can … |
| D3-OAM | Operational Activity Mapping | |
| D3-ODM | Operational Dependency Mapping | Operational dependency mapping identifies and models the dependencies of the organization's activities on each other and on the organization's performers (peop… |
| D3-OM | Organization Mapping | Organization mapping identifies and models the people, roles, and groups with an organization and the relations between them. |
| D3-ORA | Operational Risk Assessment | Operational risk assessment identifies and models the vulnerabilities of, and risks to, an organization's activities individually and as a whole. |
| D3-PLLM | Passive Logical Link Mapping | Passive logical link mapping only listens to network traffic as a means to map the the whole data link layer, where the links represent logical data flows rath… |
| D3-PLM | Physical Link Mapping | Physical link mapping identifies and models the link connectivity of the network devices within a physical network. |
| D3-SVCDM | Service Dependency Mapping | Service dependency mapping determines the services on which each given service relies. |
| D3-SWI | Software Inventory | Software inventorying identifies and records the software items in the organization's architecture. |
| D3-SYSDM | System Dependency Mapping | System dependency mapping identifies and models the dependencies of system components on each other to carry out their function. |
| D3-SYSM | System Mapping | |
| D3-SYSVA | System Vulnerability Assessment | System vulnerability assessment relates all the vulnerabilities of a system's components in the context of their configuration and internal dependencies and ca… |