Authors: Frank Duff, Rick Gordon, and Richard Struse
January 10, 2022
Welcome to Tidal’s inaugural blog post. In the coming weeks, months and years, we plan to share information, opinions and insights from our team on our experiences with threat-informed defense. This first blog post is Tidal’s origin story, where we do our best to explain why we decided to join forces and launch a startup. We hope that you find it informative, and we look forward to your comments and suggestions along the way.
Over the past several years, the three of us have had front-row seats to the development, maturation and global adoption of threat-informed defense and the MITRE ATT&CK® knowledge base. Frank designed and implemented a completely new approach to evaluating security products that culminated in the highly successful MITRE ATT&CK Evaluations program. Rich coined the term “threat-informed defense” and co-founded MITRE’s Center for Threat-Informed Defense, which brings together some of the world’s leading security teams to tackle hard problems in threat-informed defense. And Rick oversaw both of these programs as well as MITRE ATT&CK Defender™, which delivers high-quality threat-informed defense training and low-cost certifications to the global community.
Through these and other experiences, we saw first-hand the potential for threat-informed defense to allow cybersecurity professionals to defend their networks more efficiently and detect threats more effectively. We also experienced first-hand many of the challenges that face organizations that want to implement a threat-informed approach to cybersecurity.
As many of you already know, threat-informed defense begins with ATT&CK. And to be certain, the MITRE ATT&CK knowledge base has already made a profound impact on our community. ATT&CK gave us a way of reasoning about and sharing knowledge about adversary behaviors. Some sophisticated enterprises are effectively integrating the breadth and depth of ATT&CK into their security workflows. However, to date, most implementations of threat-informed defense are typically fragmented and stove-piped, and rely on bespoke tools and datasets.
It became clear to us in our previous roles that there are still many gaps to fill to make the benefit of threat-informed defense available to everyone. We launched Tidal to fill those gaps.
At Tidal, we are driven by the belief that defenders need and deserve tools and services that make achieving the benefits of threat-informed defense practical, affordable and sustainable.
To achieve that vision, we will deliver an integrated suite of SaaS-based products and related services to catalyze the adoption of threat-informed defense and put organizations in control of their own security. These offerings are designed to make it fundamentally easier for enterprises of all sizes to plan, implement, measure, and improve their organization’s cybersecurity posture using the power of threat-informed defense.
In subsequent posts we’ll delve deeper into just exactly what we mean by “threat-informed defense”, how ATT&CK fits into our view of threat-informed defense and many other topics. Thanks for reading and we look forward to going on this journey with you.
Frank, Rick, and Rich