[Updated] Iran Cyber Threat Resource Center: How to Navigate Amid Geopolitical Conflicts and Tensions

September 25, 2024 Update: Added two recently identified backdoor malware, Spearal & Veaty, linked to the OilRig...

Tackling the Visibility Challenges in the SOC

In this blog series, we dive into the challenges faced by our heroes of Threat-Informed Defense, how they address them,...

Defensive Stack Optimization: A Threat-Informed Defense Use Case

In this blog series, we dive into the challenges faced by our heroes of Threat-Informed Defense, how they address them,...

The TIDE: EDRKillShifter, Ransomware Tools, ExtraHop, Wiz

We haven’t had a version of The TIDE: Threat-Informed Defense Education blog for a bit now, but that is largely because...

How CTI Analysts Use Threat-Informed Defense to Overcome Top Challenges

Recently, I introduced you to our heroes of Threat-Informed Defense. They comprise our diverse community of Tidal Cyber...

New in Tidal Cyber Enterprise Edition – Coverage Map Rollup

Have you ever tried to report the state of your security program to a CEO, CFO, or Board of Directors audience, and...

Heroes of Threat-Informed Defense: Tidal Cyber’s Diverse Users

Are you curious about the make-up of the Tidal Cyber user community? It may surprise you to know that our users hail...

Scattered Spider: Evolving & Resilient Group Proves Need for Constant Defender Vigilance

Recent reporting highlighted new techniques for a prominent group that already possessed a deep set of capabilities. As...

Threat-Informed Defense and Breach and Attack Simulation: Why You Need Both

With so many different market segments in the security industry, it’s inevitable to run into some overlap and...

The TIDE: Threat-Informed Defense Education (Qilin, RansomHub, BlackSuit)

This is our second installment of The TIDE, which is your guide to all things Threat-Informed Defense—at least in terms...

Threats of the Week: Black Basta, Scattered Spider, and FIN7 Malvertising

The only way that we can help our community and our enterprise customers continue to check their coverage against...

Using Tidal Cyber to Make the Most of MITRE ATT&CK v15 (and Beyond)

We are excited to announce that the Tidal Cyber Enterprise and Community platforms are now on the newly released...

Community Content Release: New Analytics Source, LOLBAS, & Tags

Tidal regularly releases new content in the free Community Edition of its platform, and we recently published our...

Detecting & Simulating Recent APT Persistence Methods with Community Resources

On August 24, Microsoft released details about a newly defined, China-based espionage group known as Flax Typhoon,...

Community Content Release: LockBit Tools & TTPs

We recently began publishing Tidal Cyber-authored Objects in our free Community Edition! Curated Objects support...

Community Content Release: 0-Day Summer (Part 2)

We recently published our first collections of Tidal Cyber-authored Objects in Tidal’s free Community Edition platform....

Community Content Release: 0-Day Summer

We recently published our first collection of Tidal Cyber-authored Objects in Tidal’s free Community Edition platform....

ATT&CKing at the Speed of Threats

Today, we are pleased to announce the first release of Tidal Cyber-authored Objects in Tidal’s free Community Edition...

Making Waves: TTP Intelligence Highlights in June

Register here for our upcoming Surf Report webcast, where we’ll summarize top TTPs and defensive takeaways across Q2...

Making Waves: TTP Intelligence Highlights in April

Tidal’s Adversary Intelligence team continuously identifies and processes public sources that contain mappings to the...

Announcing Tidal Cyber's Enterprise Edition

We’re celebrating a big day at Tidal Cyber: the Enterprise Edition of the Tidal Platform is now generally available....

Making Waves: TTP Intelligence Highlights in March

Tidal’s Adversary Intelligence team continuously identifies and processes public sources that contain mappings to the...

5 Ideas for Creating Threat-Informed Defense Content in Tidal Community Edition

Tidal Community Edition is a freely-available threat-informed defense platform that empowers cyber defenders to quickly...

Making Waves: TTP Intelligence Highlights in February

Tidal’s Adversary Intelligence team continuously identifies and processes public sources that contain mappings to the...

Ransomware Threat Profiling: Prioritizing Indiscriminate Threats

This piece expands upon content shared during recent Tidal intelligence briefings. For more background, consider...

Making Waves: TTP Intelligence Highlights in January

Welcome to a new series that spotlights MITRE ATT&CK® techniques observed by Tidal’s Adversary Intelligence team across...

Big-Game Stealing (Part 1): The Infostealer Landscape & Rising Infostealer Threats to Businesses

Welcome to the first in a two-part series on the infostealer landscape, the rising threat infostealers pose to...

Identifying and Defending Against QakBot's Evolving TTPs

If you’re an information security practitioner, or just keep up with cybersecurity reporting, you have almost certainly...

Adversary TTP Evolution and the Value of TTP Intelligence

Tidal’s mission is to support defenders in achieving the benefits of threat-informed defense, which we define as: “The...

Bringing Transparency to Coverage Within the Vendor Community

In an earlier blog post, I touched on the history of MITRE ATT&CK™ coverage and how at Tidal we think of coverage in...

Getting to Know Scott Small, Tidal's Director of Cyber Threat Intelligence

Tidal is excited to welcome Scott Small as our new Director of Cyber Threat Intelligence (CTI)! Scott will be...

The MITRE ATT&CK® v12 Update: What It Means for You and for Tidal

MITRE ATT&CK® released their latest version, v12, last week, and it comes packed with new content. As with previous...

Making it Easier to Navigate Layers with Technique Sets and Matrices

Sometime in the second half of 2017, I was in a meeting with John Wunder and another MITRE colleague discussing the...

The Cover(age) Story: Tidal Announces Threat-Informed Assessments

Core to Tidal Cyber’s mission is empowering organizations big and small to adopt threat-informed defense and give them...

Announcing General Availability of the Tidal Community Edition

This is the day the entire Tidal team has been waiting for and working hard towards: the Tidal Community Edition is now...

Announcing Product Registry and Analytics

Earlier this month we opened the early access for the Community Edition of the Tidal Platform. The Community Edition...

Advancing Threat-Informed Defense with ATT&CK’s Founder, Blake Strom

In my last post I shed some light into how threat-informed defense came into my universe, both in concept (through the...

Exciting News To Share

If you had a chance to read Rich’s and Frank’s previous blogs, you likely already know we started Tidal to enable...

ATT&CK and Threat-Informed Defense: The Same but Different

In our last post we talked about how we define threat-informed defense. When I first heard of threat-informed defense,...

Why Tidal? Why now?

Authors: Frank Duff, Rick Gordon, and Richard Struse