Home/D3FEND
D3FEND

D3FEND defensive techniques

30 countermeasures from MITRE's defensive catalog
D3FEND is the defensive counterpart to ATT&CK. It describes what defenders can do to detect, isolate, deceive, evict, harden, and recover from each attack technique. Use it to map defenses to specific adversary behaviors.
Category Detect Isolate Deceive Evict Harden Restore Model all

Defensive techniques

30
D3-AgentAuthentication
Agent Authentication
Harden
D3-ApplicationConfigurationHardening
Application Configuration Hardening
Harden
D3-BootloaderAuthentication
Bootloader Authentication
Harden
D3-Certificate-basedAuthentication
Certificate-based Authentication
Harden
D3-CertificatePinning
Certificate Pinning
Harden
D3-CertificateRotation
Certificate Rotation
Harden
D3-ChangeDefaultPassword
Change Default Password
Harden
D3-CredentialHardening
Credential Hardening
Harden
D3-CredentialRotation
Credential Rotation
Harden
D3-CredentialScrubbing
Credential Scrubbing
Harden
D3-DisableRemoteAccess
Disable Remote Access
Harden
D3-DiskEncryption
Disk Encryption
Harden
D3-DomainLogicValidation
Domain Logic Validation
Harden
D3-FileEncryption
File Encryption
Harden
D3-Hardware-basedWriteProtection
Hardware-based Write Protection
Harden
D3-Multi-factorAuthentication
Multi-factor Authentication
Harden
D3-One-timePassword
One-time Password
Harden
D3-PasswordAuthentication
Password Authentication
Harden
D3-PasswordRotation
Password Rotation
Harden
D3-ProcessSegmentExecutionPrevention
Process Segment Execution Prevention
Harden
D3-RadiationHardening
Radiation Hardening
Harden
D3-SegmentAddressOffsetRandomization
Segment Address Offset Randomization
Harden
D3-SoftwareUpdate
Software Update
Harden
D3-StackFrameCanaryValidation
Stack Frame Canary Validation
Harden
D3-StrongPasswordPolicy
Strong Password Policy
Harden
D3-SystemConfigurationPermissions
System Configuration Permissions
Harden
D3-Token-basedAuthentication
Token-based Authentication
Harden
D3-TokenBinding
Token Binding
Harden
D3-TrustedLibrary
Trusted Library
Harden
D3-VariableInitialization
Variable Initialization
Harden
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin