Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogued in the MITRE ATT&CK® knowledge base. The Center for Threat-Informed Defense created these open source mappings to serve as a bridge between the threat-informed approach to cybersecurity and the traditional perspective applied to the employment of security controls.

Mappings Explorer presents threat and mitigation data in easily accessible and customizable ways. This centralized collection of resources expands the ability of the global cyber community to make threat-informed decisions by exploring real-world cyber threats and corresponding mapped security capabilities.

What is Mappings Explorer for?

You can use Mappings Explorer for many different purposes. Examples of usage include:

Align Cyber Defense to Threats

Explore how security controls and capabilities can be used to protect from, detect, or respond to specific adversary behaviors.

Assess Unpatched Vulnerabilities

Understand how adversaries might exploit unpatched vulnerabilities and what adversaries may achieve by exploiting the vulnerability.

Evolve and Expand Cyber Defense

Visualize and assess deficiencies in cyber defense to plan future policy and security controls around real-world adversary behavior.

Effectively Describe Incidents

Create detailed incident reports incorporating ATT&CK-based threat intel, recommendations for increased security protocols, and response measures.

Get Involved

Are you using the Center for Threat-Informed Defense's mappings projects? Do you have questions or feedback? Get in touch with us!

Email Us