Cyber Defense for All
Tidal’s Community Edition, available free of charge, helps security analysts more easily and efficiently apply advanced knowledge of adversary behaviors, as defined by the MITRE ATT&CK knowledge base and additional open-source threat intelligence sources, to their unique environment, Tidal Cyber explained. The platform also makes this threat information actionable by showing how specific security products address adversary behaviors, so analysts can better defend against those threats.

Richard Struse, chief technology officer and co-founder of Tidal Cyber, explained the inspiration behind the Community Defense of Tidal Platform: “Threat-informed cyber defense is based on understanding how adversaries are likely to attack your organization and using that knowledge to ensure you have the optimal security solutions in place. Our goal is to enable security teams to maintain a ‘single source of truth’ for all data regarding relevant threats and countermeasures. With the availability of Community Edition, organizations can now not only explore the extensive knowledge base of adversarial behaviors more efficiently, but also quickly research solutions available to defend against those threats.”
- Advanced adversary behavior search that enables security analysts to rapidly investigate relevant ATT&CK objects — tactics, techniques, sub-techniques, groups, software, data sources, references — as well as information on how to defend against those behaviors.
- Tidal’s product registry, a curated repository of vendor-provided security product capabilities mapped to specific adversary behaviors. The registry describes how each product protects against, detects, responds to or tests for ATT&CK techniques, as well as the data each product generates to map to ATT&CK Data Components. This allows defenders to see how their current security stack stands up to adversary behaviors they care about and evaluate options to fill any gaps.
- Knowledge base labels that enable users to explore the relationships between the threat objects that are most relevant to their organization.
- Custom technique sets that allow defenders to group specific techniques and sub-techniques with custom labels, making it easy to track and communicate emulation plans and new threat research.