A streamlined mission framework.
MITRE ATT&CK™ is a framework that categorizes and documents adversary tactics and techniques based on real-world observations. In Unfetter, we use ATT&CK™ as a way to connect different types of threat information, building complex relationships in a streamlined workflow.
- MITRE's mission is to solve problems for a safer world by bringing communities together to develop more effective cybersecurity.
- Unfetter Discover lets you relate Reports, Analytics, Mitigations and Malware to MITRE ATT&CK™ techniques.
- ATT&CK™ is being adopted by organizations large and small all over the world. Unfetter Discover lets you talk the same language.
Structured Threat Information eXpression (STIX) Approach
STIX is a language and serialized format used to exchange Cyber Threat Intelligence (CTI). Unfetter's data is imported and exported in STIX format, and STIX guides how we build our architecture. By speaking STIX, you can share data in and out of Unfetter Discover using the most sophisticated CTI lexicon.
- STIX is built in JSON and has a REST API configuration for data exchange.
- STIX data objects are diverse and complex. Unfetter Discover helps you make sense of it all.
- Unfetter Discover leverages the ATT&CK™ data pulled from MITRE in STIX format.
Unfetter provides a shared framework
Threat Reporters
Evaluate your infrastructure’s mitigations, analytics, and capabilities through a simple survey. Visualize your gaps through the lens of MITRE’s ATT&CK™ framework. As Network Defenders improve the security of the infrastructure, you can update the Assessment, keeping your situational awareness up to date.
The Unfetter Story: Why it began and how it will continue.
Security Engineers at the National Security Agency built Unfetter with the idea that complex Cyber Threat Information (CTI) was difficult to create, share and put into action. We started Unfetter as an experiment to take complex CTI, mapped around common lexicons, and build workflows that help security experts take action to protect themselves.
Unfetter Analytic was our original project. Partnering with MITRE, we built an ElasticSearch stack running analytics that mapped to MITRE ATT&CK™. By mapping alerts back to a common framework, users would not only see when and where an analytic fired, but also get a link to the rich community of information that had grown up around ATT&CK™. All for free.
Unfetter Discover aimed to take that idea further: help users create and share the CTI that they understand best. By creating a network of users who contribute their CTI expertise and data, in a way that lets the data itself be normalized, we believe users will get more actionable information, not just mounds of data.
Unfetter Discover and Unfetter Analytic are open source tools that are free for the community. We hope they help you as you protect and manage your networks.
Take a Tour of our other app features.
Join the Experiment. Developers and Security Professionals Welcome.
Unfetter is open source and looking for partners. If you have an idea for new functionality or a new workflow, let us know and submit an issue in GitHub. If you are a developer and have ideas on how to contribute, we welcome a pull request. We’re excited for everyone to join the experiment.
Partner with Parsons for a more secure future.
Parsons Corporation has been helping build Unfetter Discover into the product it is today. If you are looking for a partner, please contact them.